XSS attack prevention taken out of Template.pm?

Max Kanat-Alexander mkanat at bugzilla.org
Thu Feb 7 06:16:06 UTC 2008

On Mon, 4 Feb 2008 11:21:14 -0800 bill.winett at tektronix.com wrote:
>             xss => sub{

  That isn't even in Bugzilla *2.18* code. We don't use any such
filter--we have specific filters for HTML, JS, etc.

Competent, Friendly Bugzilla and Perl Services. Everything Else, too.

More information about the developers mailing list