Bug #57
Feature #1: Properly balanced registration system
Description must not permit HTML
| Status: | Closed | Start date: | 2010-12-14 | |
|---|---|---|---|---|
| Priority: | Urgent | Due date: | ||
| Assignee: |  Chris Cannam | % Done: | 100% | |
| Category: | - | |||
| Target version: | - |
Description
Currently the Description is received and stored as unfiltered HTML -- see for example http://test.soundsoftware.ac.uk/luisf/users/6 (user with Javascript injection in their description field). It needs to be something safer -- a standard Wiki-text format would do nicely.
History
#1
Updated by Luis Figueira over 13 years ago
- Status changed from New to Feedback
- Assignee changed from Luis Figueira to Chris Cannam
"Testable" in my branch.
#2
Updated by Chris Cannam over 13 years ago
- Status changed from Feedback to Resolved
- Assignee changed from Chris Cannam to Luis Figueira
- % Done changed from 0 to 100
Looks good. Thanks!
#3
Updated by Chris Cannam over 13 years ago
- Status changed from Resolved to Closed
#4
Updated by Chris Cannam over 13 years ago
- Assignee changed from Luis Figueira to Chris Cannam