Message4412
Agreed. Allowing arbitrary HTML specified in the URL like this is sloppy and extremely prone to
XSS attacks. But in absence of redesigning the messages altogether, the filter should be as
absolutely strict as possible. |
|
Date |
User |
Action |
Args |
2011-09-05 01:18:17 | davidben | set | messageid: <1315185497.59.0.655888807546.issue2550724@psf.upfronthosting.co.za> |
2011-09-05 01:18:17 | davidben | set | recipients:
+ davidben, ezio.melotti |
2011-09-05 01:18:17 | davidben | link | issue2550724 messages |
2011-09-05 01:18:17 | davidben | create | |
|