<p><a href="https://github.com/critzo"><img src="https://avatars.githubusercontent.com/u/4633345?" align="left" width="48" height="48" hspace="10" style="max-width:100%;"></a> <strong>Comment by <a href="https://github.com/critzo">critzo</a></strong><br><em>Thursday Nov 21, 2013 at 19:31 GMT</em></p>

<hr><p>Tested <a href="https://github.com/opentechinstitute/luci-commotion/pull/1" class="issue-link" title="moved commotion_helpers lib from commotion-apps to luci-commotion">#1</a>,2 </p>

<ul class="task-list">
<li>Malicious code does seem to get sanitized, though it is included in the values submitted as it appears in the debug file</li>
<li>Submitting the form with all blank values does not spawn an error, but also still provides the user with a downloadable file. Is this the expected behavior?</li>
</ul>

<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br>Reply to this email directly or <a href="https://github.com/opentechinstitute/luci-commotion/issues/224#issuecomment-46467946">view it on GitHub</a>.<img alt="" height="1" src="https://github.com/notifications/beacon/3074564__eyJzY29wZSI6Ik5ld3NpZXM6QmVhY29uIiwiZXhwaXJlcyI6MTcxODczMjI2NiwiZGF0YSI6eyJpZCI6MzQ5ODAwNzB9fQ==--ec9bea3fc00294592844f9b05b898dc27bf44888.gif" width="1" /></p>