Opened 11 years ago
Closed 11 years ago
#11030 closed enhancement (fixed)
use 'border-radius' in the div environment and more. — at Version 8
| Reported by: | anonymous | Owned by: | Christian Boos |
|---|---|---|---|
| Priority: | normal | Milestone: | 1.0.2 |
| Component: | wiki system | Version: | |
| Severity: | normal | Keywords: | html |
| Cc: | Branch: | ||
| Release Notes: | |||
| API Changes: |
Added |
||
| Internal Changes: | |||
Description (last modified by )
Could you add 'border-radius' to the SAFE_CSS 'frozenset' in trac/util/html.py?
Change History (8)
comment:1 by , 11 years ago
| Component: | general → wiki system |
|---|---|
| Keywords: | html added |
| Milestone: | → 1.0.2 |
| Owner: | set to |
| Status: | new → assigned |
comment:2 by , 11 years ago
| Description: | modified (diff) |
|---|
comment:3 by , 11 years ago
It seems like a pretty simple change, though I'm not entirely sure what "safe css" means. Should I just go ahead and add it to the set?
comment:4 by , 11 years ago
It means the CSS attribute can't be used as an attack vector (e.g. XSS, or overlay a clickable with a transparent one that does something else), and therefore doesn't need to be filtered from user-supplied HTML.
Yes, you can simply add it to the set.
comment:5 by , 11 years ago
| API Changes: | modified (diff) |
|---|---|
| Resolution: | → fixed |
| Status: | assigned → closed |
comment:6 by , 11 years ago
Oh, I think that we should add also border-*-*-radius, e.g. border-top-left-radius. See Property Index - CSS Backgrounds and Borders Module Level 3.
comment:7 by , 11 years ago
| Resolution: | fixed |
|---|---|
| Status: | closed → reopened |
Okay, I'll add those as well :)
comment:8 by , 11 years ago
| API Changes: | modified (diff) |
|---|---|
| Resolution: | → fixed |
| Status: | reopened → closed |
Sure.