[zope2-tracker] [Bug 491224] Re: Error page does not sanitize HTML, passes through potentially malicious Javascript
Martijn Pieters
launchpad.net at zopatista.com
Mon Jan 11 10:54:42 EST 2010
How does this fix relate to many exceptions within Zope that
deliberately contain HTML? Take a look at OFS.CopySupport for some
really horrible examples.
--
Error page does not sanitize HTML, passes through potentially malicious Javascript
https://bugs.launchpad.net/bugs/491224
You received this bug notification because you are a member of Zope 2
Developers, which is a direct subscriber.
More information about the zope2-tracker
mailing list