Closed GoogleCodeExporter closed 9 years ago
Added in revision 488. There is now a constant to control this in
PwmConstants.properties. It's possible the default maybe disabled, but for now
its enabled.
Having HTML in error messages can be undesirable for two reasons:
1) error messages need to be displayed in logs or other auditing systems
2) in some cases user-supplied data may be used in error messages meaning the
HTML should be escaped or it could allow injection attacks.
Original comment by jrivard
on 26 Nov 2012 at 1:34
2 thumbs up for a fast resolution!
Will merge the change on our DEV to check the results. Thanks again.
Original comment by mateusz....@gmail.com
on 26 Nov 2012 at 8:31
Original issue reported on code.google.com by
mateusz....@gmail.com
on 30 Oct 2012 at 3:41