Close a potential cross-site scripting hole, discovered by Florian Weimer.

Initial patch provided by Florian, modified by Barry.

Also, turn STEALTH_MODE on by default.  Most sites won't change this value
from its default, so we might as well use the more secure option.  Also, if
STEALTH_MODE is turned off, but the websafe() function can't be imported, turn
STEALTH_MODE back on.

0 files changed, 0 insertions, 0 deletions