[Grok-dev] security notifications in grokui.admin
Uli Fouquet
uli at gnufix.de
Tue Dec 23 11:40:59 EST 2008
Hi there,
Wichert Akkerman wrote:
> Previously Uli Fouquet wrote:
> > - If the `SecurityNotifier` is enabled, it looks up
> > http:grok.zope.org/releaseinfo/ for a file named like
> >
> > grok-0.14.1.security.txt
> >
> > and displays its content literally if any. If no such file is found,
> > nothing is displayed.
>
> Escaped I hope? That file should probably not be able to insert markup.
Well, yeah, escaped. I am not sure about this, because it could also be
nice to insert links to upgrade pages or something like this.
Best regards,
--
Uli
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://mail.zope.org/pipermail/grok-dev/attachments/20081223/bc37604a/attachment.bin
More information about the Grok-dev
mailing list