[TYPO3-core] RFC #11649: RemoveXSS corrupts HTML
Dmitry Dulepov
dmitry.dulepov at gmail.com
Mon Dec 7 11:38:43 CET 2009
Hi!
Thunderbird 3RC1 sends wrong mime types for diff files. Here is this file again.
On 07/12/2009 12:24, Dmitry Dulepov wrote:
> Hi!
>
> This is SVN patch request.
>
> Type: bug
>
> Branches: 4.2, 4.3, trunk
>
> BT reference: http://bugs.typo3.org/view.php?id=11649
>
> Problem: RemoveXSS corrupts HTML in certain cases. For example, `<div
> style="x:y">test</div>` becomes `<div st<x>="x:y">test</div>`.
>
> Solution: change default replacement string from <x> to rmxss. Than HTML
> becomes`<div strmxss="x:y">test</div>`
>
--
Dmitry Dulepov
"Trust me, I am a doctor!" (c) Gregory House, M.D.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 11649.diff
Type: text/x-diff
Size: 637 bytes
Desc: not available
URL: <http://lists.typo3.org/pipermail/typo3-team-core/attachments/20091207/308cd22d/attachment.diff>
More information about the TYPO3-team-core
mailing list