search

chenbo007 / svg-edit

Automatically exported from code.google.com/p/svg-edit
0 stars 0 forks source link

Charset declaration #77

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
#### Subject ####
http://code.google.com/p/svg-edit/source/browse/trunk/editor/svg-
editor.html

#### Possible Problem ####
The charset declaration is missing within the HTML document. This can lead 
to problems if a third person is integrating the editor within his website 
and the web server sends the information that it's using a different 
charset (e.g. ISO 8859-1). This is most likely going to produce errors 
when it comes to internationalization.

#### Solution ####
An additional META-tag directly after the opening <head>-tag can solve 
this possible problem.

<head>
  <meta http-equiv="Content-type" content="text/html;charset=UTF-8" />

#### PS ####
Additionally, if this would be an editor with server scripts, the missing 
of this declaration directly after the opening <head>-tag opens the doors 
for XSS-attacks.

Original issue reported on code.google.com by fleshgri...@gmail.com on 20 Jul 2009 at 10:56

GoogleCodeExporter commented 9 years ago 
Thanks a lot for this!

Fixed on trunk @ r335.
Fixed on 2.1 branch @ r336.
Fixed on 2.2 branch @ r338.

Updated stable tag to point to latest 2.2

Original comment by codedr...@gmail.com on 20 Jul 2009 at 2:01