-
-
While working on #6487, I stumbled upon a few problems:
1. `theme_icon()` was not allowing the use of `` elements in SVGs (they were being stripped out), while it was for example allowing ``, ``, `` …
-
```
put a Filtering class that validates/sanitises data input
```
Original issue reported on code.google.com by `anast...@gmail.com` on 25 Jan 2012 at 6:15
-
```
put a Filtering class that validates/sanitises data input
```
Original issue reported on code.google.com by `anast...@gmail.com` on 25 Jan 2012 at 6:15
-
I have more research to do on this issue--I'm not sure if cross-site scripting is even possible on my site (yet), but, where there's a will there's a way.
-
```
put a Filtering class that validates/sanitises data input
```
Original issue reported on code.google.com by `anast...@gmail.com` on 25 Jan 2012 at 6:15
-
```
put a Filtering class that validates/sanitises data input
```
Original issue reported on code.google.com by `anast...@gmail.com` on 25 Jan 2012 at 6:15
-
```
put a Filtering class that validates/sanitises data input
```
Original issue reported on code.google.com by `anast...@gmail.com` on 25 Jan 2012 at 6:15
-
When using the code editors I typically experience xss filters that prevent me from submitting. These are either browser reflected xss filters or apache mod_sec.
Avoiding these can be done via ajax s…
-
ok we need to sanitize all our outputs obviously, but we also should update our xss filter to prevent proof of concepts. We are a moving target now that security company's have us I their databases.
…