Closed GoogleCodeExporter closed 8 years ago
GoogleCodeExporter
commented
8 years ago To be more precise (on where it happened):
- I have a forum where users can embed images using BB-Code
- my own site was "Trusted" in ScriptNo
- imageshack was neither trusted/allowed nor explicitly blocked
- images were set to allowed (= checkbox not set, so images would never be
"disabled and removed")Original comment by martin.b...@googlemail.com on 11 Aug 2012 at 2:37
GoogleCodeExporter
commented
8 years ago You can test it with this site (found via google) and the following steps to
reproduce:
- open:
http://www.thephotoforum.com/forum/test-forum/218511-test-imageshack.html
- (all JS should be forbidden)
- open the ScriptSafe settings and make sure that [ ] <IMG> is NOT checked
- the image in the first post is visible
- allow JavaScript on www.thephotoforum.com temporarily
- (reload the page)
- the image in the first post is NOT visible anymore
- allow JavaScript (temporarily) for imageshack.com
- the image IS visible again
If you want I can try updating my patch so it applies against the latest
version of ScriptSafe.Original comment by martin.b...@googlemail.com on 28 Dec 2012 at 6:47
GoogleCodeExporter
commented
8 years ago Your patch will be integrated in the next release, the code for the particular
section wasn't modified since v1.0.6.2 :) Thanks!Original comment by andr...@gmail.com on 29 Dec 2012 at 2:03
GoogleCodeExporter
commented
8 years ago Implemented! Please confirm it is now fixed :)Original comment by andr...@gmail.com on 29 Dec 2012 at 9:46
GoogleCodeExporter
commented
8 years ago This is great - thank you!
It's working fine for me :-)Original comment by martin.b...@googlemail.com on 29 Dec 2012 at 11:04
GoogleCodeExporter
commented
8 years ago Perfect, thank you for confirming!Original comment by andr...@gmail.com on 29 Dec 2012 at 12:02
Original issue reported on code.google.com by
martin.b...@googlemail.comon 11 Aug 2012 at 2:33Attachments: