From 9c8db3f65a82d87b1d654f8258a5a945fd9b95af Mon Sep 17 00:00:00 2001
From: niphlod <niphlod@gmail.com>
Date: Tue, 28 Jun 2016 23:52:28 +0200
Subject: [PATCH] corner case - fixes #1363

---
 gluon/sanitizer.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gluon/sanitizer.py b/gluon/sanitizer.py
index c1dd2cf0..20e9e205 100644
--- a/gluon/sanitizer.py
+++ b/gluon/sanitizer.py
@@ -129,7 +129,7 @@ class XssCleaner(HTMLParser):
 
     def handle_endtag(self, tag):
         bracketed = '</%s>' % tag
-        self.in_disallowed.pop()
+        self.in_disallowed and self.in_disallowed.pop()
         if tag not in self.permitted_tags:
             if (not self.strip_disallowed):
                 self.result += xssescape(bracketed)