12 Jun
2010
12 Jun
'10
5:30 p.m.
Joel Forsberg wrote:
Do you happen to know the JIRA ticket for this bug? (if there is one?)
http://jira.xwiki.org/jira/browse/XE-24 but it is for previous search engine.
The {pre} seems to dodge some of the unwanted effects, but in turn makes further editing the script difficult. Next time I edit the {pre} seems to have disappeared, instead leaving a <p>-tag artifact depending on circumstances.
CrossSiteScripting example: <script>alert('I pwnd U')</script> => bad, bad, bad That is exatly what I would like to avoid, hehe. :)
-- If you want to get to the top, you have to start at the bottom