Edgewall Software
Modify

Opened 15 years ago

Closed 15 years ago

Last modified 13 years ago

#275 closed defect (fixed)

html processor should probably be disabled by default or operate in "safe" mode.

Reported by: Jonas Borgström Owned by: daniel
Priority: highest Milestone: 0.7
Component: wiki system Version: 0.6.1
Severity: normal Keywords:
Cc: Branch:
Release Notes:
API Changes:

Description

The html processor could potentially be dangerous if malicious users embedd <embed>, <object> or <script> tags.

Attachments (0)

Change History (5)

comment:1 by anonymous, 15 years ago

Priority: highnormal

comment:2 by anonymous, 15 years ago

Priority: normalhighest

comment:3 by daniel, 15 years ago

Milestone: 0.6.20.7

comment:4 by daniel, 15 years ago

Owner: changed from Jonas Borgström to daniel
Status: newassigned

comment:5 by daniel, 15 years ago

Resolution: fixed
Status: assignedclosed

Fixed in [479].

Could probably be improved.

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain daniel.
The resolution will be deleted. Next status will be 'reopened'.
to as closed The owner will be changed from daniel to the specified user.

Add Comment


E-mail address and name can be saved in the Preferences .
 
Note: See TracTickets for help on using tickets.