fix attachment xss in html report

2026-05-13 17:29:56 +08:00 · 2018-11-28 22:57:46 +08:00
parent 4e627c0529
commit 0933c92921
1 changed files with 1 additions and 1 deletions
--- a/httprunner/templates/report_template.html
+++ b/httprunner/templates/report_template.html
@@ -361,7 +361,7 @@
            <div class="popup">
              <h2>Traceback Message</h2>
              <a class="close" href="#record_{{record_index}}">&times;</a>
-              <div class="content"><pre>{{ record.attachment }}</pre></div>
+              <div class="content"><pre>{{ record.attachment | e }}</pre></div>
            </div>
          </div>
        {% endif %}