[Zope-CMF] Undo interface

Shane Hathaway shane@digicool.com
Mon, 11 Jun 2001 10:24:28 -0400


Chris Withers wrote:
> 
> Shane Hathaway wrote:
> >
> > I think there would be security implications in what you propose.  I could
> > be wrong.
> 
> What would they be?

- Putting HTML or JavaScript in the transaction description.

- Putting too much data in the notes.

- Clearing or replacing the note after cracking something.

But these can all be dealt with.  Now what's the priority (since the
main problem, where strange notes were added unnecessarily, has already
been fixed)?

Shane