Use string.Template.safe_substitute for HTTP exc body templates

author: Bert JW Regeer <bertjw@regeer.org> 2018-04-04 20:00:12 -0600
committer: Bert JW Regeer <bertjw@regeer.org> 2018-04-04 20:00:12 -0600
commit: 9939b6c3320bdeaf798373366bb4d77a3259bbea (patch)
tree: a6c5d812dfcec153d2f3440ddb83ec245024767f /src/webob
parent: 1979ac1e15a3eaccf4e6f99b71130faf02132d0a (diff)
download: webob-9939b6c3320bdeaf798373366bb4d77a3259bbea.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/webob/exc.py b/src/webob/exc.py
index d0b04d2..553a0b1 100644
--- a/src/webob/exc.py
+++ b/src/webob/exc.py
@@ -301,7 +301,7 @@ ${body}''')
             for k, v in self.headers.items():
                 args[k.lower()] = escape(v)
         t_obj = self.body_template_obj
-        return t_obj.substitute(args)
+        return t_obj.safe_substitute(args)
 
     def plain_body(self, environ):
         body = self._make_body(environ, no_escape)
author	Bert JW Regeer <bertjw@regeer.org>	2018-04-04 20:00:12 -0600
committer	Bert JW Regeer <bertjw@regeer.org>	2018-04-04 20:00:12 -0600
commit	9939b6c3320bdeaf798373366bb4d77a3259bbea (patch)
tree	a6c5d812dfcec153d2f3440ddb83ec245024767f /src/webob
parent	1979ac1e15a3eaccf4e6f99b71130faf02132d0a (diff)
download	webob-9939b6c3320bdeaf798373366bb4d77a3259bbea.tar.gz