You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@roller.apache.org by "Dave Johnson (JIRA)" <ji...@apache.org> on 2012/05/22 04:43:41 UTC

[jira] [Created] (ROL-1943) Option to HTML sanitize weblog content

Dave Johnson created ROL-1943:
---------------------------------

             Summary: Option to HTML sanitize weblog content
                 Key: ROL-1943
                 URL: https://issues.apache.org/jira/browse/ROL-1943
             Project: Roller
          Issue Type: Improvement
          Components: Page Rendering & Management
    Affects Versions: 5.0
            Reporter: Dave Johnson
            Assignee: Roller Unassigned
             Fix For: 5.0.1


Introduce a new startup property 'weblogAdminsUnstrusted', a boolean that when set to true will cause all HTML produced by webloggers to be HTML sanitized (i.e. no JavaScript or other potentially dangerous dynamic content)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Resolved] (ROL-1943) Option to HTML sanitize weblog content

Posted by "Dave Johnson (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/ROL-1943?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Dave Johnson resolved ROL-1943.
-------------------------------

    Resolution: Fixed
      Assignee: Dave Johnson  (was: Roller Unassigned)

Fixed in the roller_5.0 branch

http://svn.apache.org/viewvc?view=revision&revision=1340501
                
> Option to HTML sanitize weblog content
> --------------------------------------
>
>                 Key: ROL-1943
>                 URL: https://issues.apache.org/jira/browse/ROL-1943
>             Project: Roller
>          Issue Type: Improvement
>          Components: Page Rendering & Management
>    Affects Versions: 5.0
>            Reporter: Dave Johnson
>            Assignee: Dave Johnson
>             Fix For: 5.0.1
>
>
> Introduce a new startup property 'weblogAdminsUnstrusted', a boolean that when set to true will cause all HTML produced by webloggers to be HTML sanitized (i.e. no JavaScript or other potentially dangerous dynamic content)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira