From 2b64be9dc6ae52efdbc2beaf76b87c747857c4a1 Mon Sep 17 00:00:00 2001
From: Alberto Bertogli
Date: Sat, 6 Sep 2008 11:33:47 -0300
Subject: [PATCH] sanitize() must only be called on strings
Otherwise, we may call sanitize() and think it's safe when it's not.
Signed-off-by: Alberto Bertogli
---
 blitiri.cgi | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/blitiri.cgi b/blitiri.cgi
index 6ada91b..8ce4298 100755
--- a/blitiri.cgi
+++ b/blitiri.cgi
@@ -549,9 +549,7 @@ def valid_link(link):
 return None
 def sanitize(obj):
- if isinstance(obj, basestring):
- return cgi.escape(obj, True)
- return obj
+ return cgi.escape(obj, quote = True)
 # find out our URL, needed for syndication
-- 
2.43.0
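Review bot: `cgi.escape(obj, quote = True)` in the new `sanitize()` body escapes `&`, `<`, `>` and `"` but leaves `'` untouched, so the result is still unsafe inside a single-quoted attribute value. The templates that consume `sanitize()` are not visible in this hunk; if any of them interpolates into `'...'` attributes, extend the line to `return cgi.escape(obj, quote = True).replace("'", "&#39;")`. Non-string arguments should now raise instead of passing through unescaped, which is the fail-closed behaviour the commit message asks for. A docstring such as `"""HTML-escape a string for element content or a double-quoted attribute; raises on non-strings."""` would record that contract, so callers do not assume the output is also safe in URL or script contexts.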