New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

html is being rendered from entries! #30

Open

berryma4 opened this issue Aug 13, 2015 · 1 comment

Member

berryma4 commented Aug 13, 2015

I'm not sure how I let this slip through. But, the operators found it.
We need to sanitize the entries before posting:
https://code.google.com/p/google-caja/wiki/RunningCaja
https://code.google.com/p/google-caja/wiki/PipelineConfiguration

I'm just glad I was able to fix it here before an tag was added in an entry ... it would have looked like a 90's MySpace page.

I need to do checks at the server too.

Member Author

berryma4 commented Aug 14, 2015

Note to self, change rest.js from 4441235 to::

("#log_description").text(desc).wrapInner("<pre></pre>").html();

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment