[Commotion-admin] [luci-commotion] Splash: Upload field allows invalid input (#420)
Dan Staples
notifications at github.com
Thu Oct 2 13:52:20 EDT 2014
So I'm ambivalent. Either we leave this as it is, trusting the safety of LuCI's authentication system, or we impose strict limitations on what kind of markup can be included in the uploaded file (e.g. no <script> tags).
Thoughts?
---
Reply to this email directly or view it on GitHub:
https://github.com/opentechinstitute/luci-commotion/issues/420#issuecomment-57671379
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.chambana.net/pipermail/commotion-admin/attachments/20141002/2dbadb7c/attachment.html>
More information about the Commotion-admin
mailing list