XSS attack prevention taken out of Template.pm?

Max Kanat-Alexander mkanat at bugzilla.org
Thu Feb 7 06:16:06 UTC 2008

Previous message (by thread): XSS attack prevention taken out of Template.pm?
Next message (by thread): XSS attack prevention taken out of Template.pm?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 4 Feb 2008 11:21:14 -0800 bill.winett at tektronix.com wrote:
>             xss => sub{

  That isn't even in Bugzilla *2.18* code. We don't use any such
filter--we have specific filters for HTML, JS, etc.

	-Max
-- 
http://www.everythingsolved.com/
Competent, Friendly Bugzilla and Perl Services. Everything Else, too.

Previous message (by thread): XSS attack prevention taken out of Template.pm?
Next message (by thread): XSS attack prevention taken out of Template.pm?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the developers mailing list