Bug #57
Feature #1: Properly balanced registration system
Description must not permit HTML
Status: | Closed | Start date: | 2010-12-14 | |
---|---|---|---|---|
Priority: | Urgent | Due date: | ||
Assignee: | Chris Cannam | % Done: | 100% | |
Category: | - | |||
Target version: | - |
Description
Currently the Description is received and stored as unfiltered HTML -- see for example http://test.soundsoftware.ac.uk/luisf/users/6 (user with Javascript injection in their description field). It needs to be something safer -- a standard Wiki-text format would do nicely.
History
#1 Updated by Luis Figueira about 14 years ago
- Status changed from New to Feedback
- Assignee changed from Luis Figueira to Chris Cannam
"Testable" in my branch.
#2 Updated by Chris Cannam about 14 years ago
- Status changed from Feedback to Resolved
- Assignee changed from Chris Cannam to Luis Figueira
- % Done changed from 0 to 100
Looks good. Thanks!
#3 Updated by Chris Cannam about 14 years ago
- Status changed from Resolved to Closed
#4 Updated by Chris Cannam about 14 years ago
- Assignee changed from Luis Figueira to Chris Cannam