Roundup Tracker - Issues


Author davidben
Recipients davidben, ezio.melotti
Date 2011-09-05.01:18:17
Message-id <>
Agreed. Allowing arbitrary HTML specified in the URL like this is sloppy and extremely prone to 
XSS attacks. But in absence of redesigning the messages altogether, the filter should be as 
absolutely strict as possible.
Date User Action Args
2011-09-05 01:18:17davidbensetmessageid: <>
2011-09-05 01:18:17davidbensetrecipients: + davidben, ezio.melotti
2011-09-05 01:18:17davidbenlinkissue2550724 messages
2011-09-05 01:18:17davidbencreate