Remove dangerous safestring declaration

This declaration allows XSS content through the JSON and
is unnecessary for correct rendering of the content anyway.

Change-Id: I82355b37108609ae573237424e528aab86a24efc
Closes-Bug: 1667086
(cherry picked from commit a835dbfbaa)
This commit is contained in:
Richard Jones 2017-03-07 16:55:39 +11:00 committed by Rob Cresswell
parent 7a1a8b3739
commit ce80bb6fec
1 changed files with 1 additions and 2 deletions

View File

@ -14,7 +14,6 @@
import json
from django.utils import safestring
from django.utils.translation import ugettext_lazy as _
from django.utils.translation import ungettext_lazy
@ -75,7 +74,7 @@ def get_rules_as_json(mapping):
rules = getattr(mapping, 'rules', None)
if rules:
rules = json.dumps(rules, indent=4)
return safestring.mark_safe(rules)
return rules
class MappingsTable(tables.DataTable):