Apache Allura™

Forge software for hosting software projects

Brought to you by: alexluberg, brondsem, ccruz, deshani, and 11 others

#607 Sanitize HTML

Milestone: v1.0.0

Status: closed

Owner: nobody

Labels: sf-4 (350)

Component: General

Reviewer: nobody

Updated: 2015-08-20

Created: 2010-07-07

Creator: Anonymous

Private: No

Originally created by: sf-overlords

Created by: rcopeland
Created date: 2010-06-17 21:23:09.531000
Assigned to:rcopeland

Currently we allow any HTML in markdown areas (wikis, comments, etc.), including \<script> tags. This should be fixed. See why? <script>alert('Users should not be able to do this!')</script>

Discussion

Anonymous - 2010-07-07

Originally by: sf-overlords

Post by mramm:

custom_field__size: --> 2
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Anonymous - 2010-07-07

Originally by: sf-overlords

Post by rcopeland:

description has changed

custom_field__size: -->

status: open --> validation

assigned_to: Rick Copeland

summary: Add HTML sanitization from the feedparser library --> Sanitize HTML
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Apache Allura™

Forge software for hosting software projects

Milestone

Searches

Help

#607 Sanitize HTML

Discussion