From 6d03ebd1c61b7551925841eb0e42d30a22ad83cd Mon Sep 17 00:00:00 2001
From: Faris Ansari
Date: Mon, 25 Dec 2017 18:48:59 +0530
Subject: [PATCH 1/2] Hotfix login (#4680)
* FIx XSS Sanitize
* Don't sanitize password
---
 frappe/templates/includes/login/login.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/frappe/templates/includes/login/login.js b/frappe/templates/includes/login/login.js
index d02d449c38..3584998434 100644
--- a/frappe/templates/includes/login/login.js
+++ b/frappe/templates/includes/login/login.js
@@ -18,7 +18,7 @@ login.bind_events = function() {
 var args = {};
 args.cmd = "login";
 args.usr = frappe.utils.xss_sanitise(($("#login_email").val() || "").trim());
- args.pwd = frappe.utils.xss_sanitise($("#login_password").val());
+ args.pwd = $("#login_password").val();
 args.device = "desktop";
 if(!args.usr || !args.pwd) {
 frappe.msgprint("{{ _("Both login and password required") }}");
From 8a78f40f218ef1e211d00c26f0fdabc254c432ee Mon Sep 17 00:00:00 2001
From: Nabin Hait
Date: Mon, 25 Dec 2017 19:44:33 +0600
Subject: [PATCH 2/2] bumped to version 10.0.2
---
 frappe/__init__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/frappe/__init__.py b/frappe/__init__.py
index d5ece4a417..2d7d01e763 100644
--- a/frappe/__init__.py
+++ b/frappe/__init__.py
@@ -14,7 +14,7 @@ import os, sys, importlib, inspect, json
 from .exceptions import *
 from .utils.jinja import get_jenv, get_template, render_template, get_email_from_template
-__version__ = '10.0.1'
+__version__ = '10.0.2'
 __title__ = "Frappe Framework"
 local = Local()
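Review bot: The `args.usr` line just above the change in login.js still passes the login name through `frappe.utils.xss_sanitise` in the browser, and client-side sanitising cannot be relied on as a control because a request sent to the login endpoint without this script never runs it. The server side should therefore validate `usr` and escape it wherever it is rendered; that code is not visible in this patch, so this needs confirming. On the changed line the password is now sent as typed, and I would record the reason so the call is not reintroduced, e.g. `// pwd is sent verbatim: sanitising would alter the credential; escaping belongs where values are rendered`. The submit handler inside `login.bind_events` starts and ends outside the hunk.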