You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shindig.apache.org by "Kevin Brown (JIRA)" <ji...@apache.org> on 2008/06/10 19:10:45 UTC

[jira] Commented: (SHINDIG-377) Remove UNPARSEABLE_CRUFT

    [ https://issues.apache.org/jira/browse/SHINDIG-377?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12603936#action_12603936 ] 

Kevin Brown commented on SHINDIG-377:
-------------------------------------

The latter part of the problem isn't really addressed (passing the url in headers / using POST).

I'd say we should remove the comment rather than the cruft for now.

> Remove UNPARSEABLE_CRUFT
> ------------------------
>
>                 Key: SHINDIG-377
>                 URL: https://issues.apache.org/jira/browse/SHINDIG-377
>             Project: Shindig
>          Issue Type: Bug
>          Components: Features (Javascript), Gadget Rendering Server (Java), Gadget Rendering Server (PHP)
>            Reporter: Chris Chabot
>
> features/core.io/io.js has the following todo (line 112):
> // remove unparseable cruft.
> // TODO: really remove this by eliminating it. It's not any real security
> //    to begin with, and we can solve this problem by using post requests
> //    and / or passing the url in the http headers.
> Shall we go ahead and remove it then? Or otherwise if there is still a good reason for it being there, remove the comment?

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.