minnestar / sessionizer

Conference session management application
http://sessions.minnestar.org
MIT License

Sanitize markdown #73

Closed pcantrell closed 9 years ago

pcantrell commented 9 years ago

Prevents session descriptions & user bios from being able to clobber the rest of the page. (We currently have a couple of bios that are doing that with unclosed tags and bad style attributes.)

Also, although I haven’t investigated, the lack of sanitizing is probably a security risk.

I was a little concerned about the performance cost of this aggressive sanitizing on the schedule page, which invisibly renders all the session descs & bios in one huge blob, but some quick tests suggest it adds negligible time.

Fixes #70.
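To make concrete what such sanitizing has to handle (unclosed tags and style attributes escaping the bio container, plus the script/URL cases that make the unsanitized version a security risk), here is an added illustration written for this page; it is not code from sessionizer. It is a toy allowlist sanitizer over already-rendered markdown HTML, and `ALLOWED_TAGS`, `ALLOWED_ATTRS`, `safe_href?` and `sanitize_html` are names assumed here; a real app would use a maintained library such as rails-html-sanitizer rather than this.

```ruby
require "cgi"

# Allowlist: anything not listed is dropped (tag) or ignored (attribute).
ALLOWED_TAGS  = %w[p em strong a ul ol li code pre br].freeze
ALLOWED_ATTRS = { "a" => %w[href] }.freeze   # no style=, no on*= anywhere
VOID_TAGS     = %w[br].freeze

# Only http(s), mailto and site-relative links survive; javascript: does not.
def safe_href?(value)
  value.match?(%r{\A(https?://|mailto:|/)}i)
end

def sanitize_html(html)
  out = +""
  open_tags = []   # stack used to close whatever the author left open
  html.scan(%r{<(/?)([a-zA-Z0-9]+)([^>]*)>|([^<]+)|(<)}) do |close, name, attrs, text, lone_lt|
    if text
      # normalise entities the renderer already produced, then re-escape
      out << CGI.escapeHTML(CGI.unescapeHTML(text))
      next
    end
    if lone_lt
      out << "&lt;"   # a bare "<" in prose is text, not markup
      next
    end
    name = name.downcase
    next unless ALLOWED_TAGS.include?(name)   # <script>, <b>, ... vanish
    if close == "/"
      if (idx = open_tags.rindex(name))
        # closing an outer tag also closes anything still open inside it
        open_tags.slice!(idx..-1).reverse_each { |t| out << "</#{t}>" }
      end
      next   # stray closing tags are dropped
    end
    kept = +""
    attrs.scan(/([a-zA-Z-]+)\s*=\s*("([^"]*)"|'([^']*)'|([^\s"'>]+))/) do |attr, _, dq, sq, bare|
      val = dq || sq || bare
      next unless (ALLOWED_ATTRS[name] || []).include?(attr.downcase)
      next if attr.downcase == "href" && !safe_href?(val)
      kept << " #{attr.downcase}=\"#{CGI.escapeHTML(val)}\""
    end
    out << "<#{name}#{kept}>"
    open_tags << name unless VOID_TAGS.include?(name)
  end
  open_tags.reverse_each { |t| out << "</#{t}>" }   # fix the unclosed-tag case
  out
end
```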

coveralls commented 9 years ago


Coverage increased (+0.06%) to 91.39% when pulling f7c5097b9704a8c579bd79f14b77304740b349bb on sanitize-markdown into f3086c090c06eb6061c848dc1c7d06e5cf4c04d6 on master.

caseyhelbling commented 9 years ago

Let's go with it... Sweet.