Roundup Tracker - Issues

Message4412

Author davidben
Recipients davidben, ezio.melotti
Date 2011-09-05.01:18:17
Message-id <1315185497.59.0.655888807546.issue2550724@psf.upfronthosting.co.za>
In-reply-to
Agreed. Allowing arbitrary HTML specified in the URL like this is sloppy and extremely prone to 
XSS attacks. But in absence of redesigning the messages altogether, the filter should be as 
absolutely strict as possible.
History
Date User Action Args
2011-09-05 01:18:17davidbensetmessageid: <1315185497.59.0.655888807546.issue2550724@psf.upfronthosting.co.za>
2011-09-05 01:18:17davidbensetrecipients: + davidben, ezio.melotti
2011-09-05 01:18:17davidbenlinkissue2550724 messages
2011-09-05 01:18:17davidbencreate