You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by "Kevin Brown (JIRA)" <ji...@apache.org> on 2008/06/05 02:07:45 UTC
[jira] Created: (SHINDIG-346) Implement gadgets.util.sanitizeHtml
Implement gadgets.util.sanitizeHtml
-----------------------------------
Key: SHINDIG-346
URL: https://issues.apache.org/jira/browse/SHINDIG-346
Project: Shindig
Issue Type: Sub-task
Reporter: Kevin Brown
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
Re: [jira] Commented: (SHINDIG-346) Implement gadgets.util.sanitizeHtml
Posted by Ropu <ro...@gmail.com>.
hmm, so whats the latest?
code. or .org?
and sanitize isnt just htmlspecialchars($html, ENT_QUOTES); or
strip_tags($html); ?
mainly leaving plain text
ropu
On Sun, Jun 8, 2008 at 4:29 PM, Kevin Brown (JIRA) <ji...@apache.org> wrote:
>
> [
> https://issues.apache.org/jira/browse/SHINDIG-346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12603455#action_12603455]
>
> Kevin Brown commented on SHINDIG-346:
> -------------------------------------
>
> http://opensocial-resources.googlecode.com/svn/spec/0.8/gadgets/util.js is
> the canonical reference (it's also fairly vague, but at least it's defined).
> This is what's linked from opensocial.org, and contains what was agreed to
> on the spec discussion list.
>
> As to why code.google.com/apis/opensocial/... doesn't match what's on
> opensocial.org, I can't say. Dan Peterson would probably be able to
> straighten it out.
>
> > Implement gadgets.util.sanitizeHtml
> > -----------------------------------
> >
> > Key: SHINDIG-346
> > URL: https://issues.apache.org/jira/browse/SHINDIG-346
> > Project: Shindig
> > Issue Type: Sub-task
> > Reporter: Kevin Brown
> >
>
>
> --
> This message is automatically generated by JIRA.
> -
> You can reply to this email to add a comment to the issue online.
>
>
--
.-. --- .--. ..-
R o p u
[jira] Commented: (SHINDIG-346) Implement gadgets.util.sanitizeHtml
Posted by "Zhen Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12603449#action_12603449 ]
Zhen Wang commented on SHINDIG-346:
-----------------------------------
This function is briefly mentioned in the v0.8 release notes (http://code.google.com/apis/opensocial/docs/releasenotes.html) but not defined in the API reference (http://code.google.com/apis/opensocial/docs/0.8/reference/gadgets/#gadgets.util).
It's also very vague how HTML should be sanitized by this function. I assume it's supposed to strip all JavaScript from the input. Correct me if I'm wrong.
> Implement gadgets.util.sanitizeHtml
> -----------------------------------
>
> Key: SHINDIG-346
> URL: https://issues.apache.org/jira/browse/SHINDIG-346
> Project: Shindig
> Issue Type: Sub-task
> Reporter: Kevin Brown
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-346) Implement gadgets.util.sanitizeHtml
Posted by "Brian Eaton (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12605480#action_12605480 ]
Brian Eaton commented on SHINDIG-346:
-------------------------------------
Nope, I'm tapped out on OAuth and the gadget security token right now. Talk to the Caja guys, maybe?
> Implement gadgets.util.sanitizeHtml
> -----------------------------------
>
> Key: SHINDIG-346
> URL: https://issues.apache.org/jira/browse/SHINDIG-346
> Project: Shindig
> Issue Type: Sub-task
> Reporter: Kevin Brown
> Assignee: Brian Eaton
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (SHINDIG-346) Implement gadgets.util.sanitizeHtml
Posted by "Kevin Brown (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-346?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kevin Brown updated SHINDIG-346:
--------------------------------
Assignee: Brian Eaton
Brian -- do you want to take this one? It was your proposal after all :)
> Implement gadgets.util.sanitizeHtml
> -----------------------------------
>
> Key: SHINDIG-346
> URL: https://issues.apache.org/jira/browse/SHINDIG-346
> Project: Shindig
> Issue Type: Sub-task
> Reporter: Kevin Brown
> Assignee: Brian Eaton
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-346) Implement gadgets.util.sanitizeHtml
Posted by "Kevin Brown (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12603455#action_12603455 ]
Kevin Brown commented on SHINDIG-346:
-------------------------------------
http://opensocial-resources.googlecode.com/svn/spec/0.8/gadgets/util.js is the canonical reference (it's also fairly vague, but at least it's defined). This is what's linked from opensocial.org, and contains what was agreed to on the spec discussion list.
As to why code.google.com/apis/opensocial/... doesn't match what's on opensocial.org, I can't say. Dan Peterson would probably be able to straighten it out.
> Implement gadgets.util.sanitizeHtml
> -----------------------------------
>
> Key: SHINDIG-346
> URL: https://issues.apache.org/jira/browse/SHINDIG-346
> Project: Shindig
> Issue Type: Sub-task
> Reporter: Kevin Brown
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.