Message4550
On 14/05/12 08:20 +0000, Bernhard Reiter wrote:
> Cédric, ah good idea.
> I've tried to find out why NotFound does not use the message,
> which in itself may be an issue with the codebase.
I don't think, there is an issue with NotFound indeed I was
misunderstanding his usage.
> However we may still have an issue with your patch:
> The column name may contain arbitrary user input, thus it may be used
> to do a cross scripting attack, we should check if it is properly
> sanitized. What do you think?
Is there any sanitize method available in roundup? |
|
Date |
User |
Action |
Args |
2012-05-14 08:29:27 | ced | set | recipients:
+ ced, schlatterbeck, ber, willkg |
2012-05-14 08:29:27 | ced | link | issue2550712 messages |
2012-05-14 08:29:27 | ced | create | |
|