cubicweb #1382038 cubicweb.web.views.pyviews: lack of xmlescape [resolved]

There is no mention in the documentation of the need to xml_escape the values passed to these views. Careless use can enable XSS attacks.

priorityimportant
typebug
done in3.10.7
load0.100
load left0.000
closed by#ff9059e144f9 [pyviews] document the fact that content is not xml-escaped (closes #1382038)