Henryk Plötz
Currently no escaping is done when outputting (the only) user-supplied data, leading to a trivial XSS vulnerability (albeit with limited impact). To test, try entering something like ``` http://foo'>Foo ```...
New optional parameter for `Tailscale()`: `api_url`, same as `--login-server` for the `tailscale` CLI client.

# Proposed Changes

This change will allow setting a custom API URL for the tailscale control...
As is, django-filter is not compatible with [django-scopes](https://github.com/raphaelm/django-scopes). Django-scopes is an additional guardrail which prevents accidental data exposure. It replaces the default manager of a model with a specialized manager...