Message4555
This has been fixed by Ralf by disallowing all the tags (except <br>),
so the issue can be closed.
Note however that my patch escapes all the tags first, and then restores
only the allowed ones, so it should be as safe as the committed fix.
(I also noticed a minor mistake in the comment of the patch -- <a> is
not allowed anymore.) |
|
Date |
User |
Action |
Args |
2012-05-15 06:46:57 | ezio.melotti | set | messageid: <1337064417.37.0.336016653287.issue2550724@psf.upfronthosting.co.za> |
2012-05-15 06:46:57 | ezio.melotti | set | recipients:
+ ezio.melotti, schlatterbeck, ber, davidben |
2012-05-15 06:46:57 | ezio.melotti | link | issue2550724 messages |
2012-05-15 06:46:56 | ezio.melotti | create | |
|