fix attachment xss in html report

2026-06-13 03:39:44 +08:00 · 2018-11-28 22:57:46 +08:00
parent 72918df69e
commit ae70b704b0
1 changed files with 1 additions and 1 deletions
--- a/httprunner/templates/report_template.html
+++ b/httprunner/templates/report_template.html
@@ -361,7 +361,7 @@
            <div class="popup">
              <h2>Traceback Message</h2>
              <a class="close" href="#record_{{record_index}}">&times;</a>
-              <div class="content"><pre>{{ record.attachment }}</pre></div>
+              <div class="content"><pre>{{ record.attachment | e }}</pre></div>
            </div>
          </div>
        {% endif %}