From: SourceForge.net <no...@so...> - 2007-10-16 15:18:14
|
Bugs item #1808872, was opened at 2007-10-07 09:02 Message generated for change (Comment added) made by kymara You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=101111&aid=1808872&group_id=1111 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Resolution: None Priority: 9 Private: No Submitted By: Hendrik (nhnb) Assigned to: ChadF (chad3f) Summary: title handling broken Initial Comment: The untrusted title-attribute is now used in lots of places which need trusted data. Title was originally added to have a way to change the visible displayed above the the health bar. There is a boken workaround in AdministratorAction which prevents admins from settings this value: 1. it prevents legit use 2. it does not prevent changing the title before release ---------------------------------------------------------------------- >Comment By: Katie (kymara) Date: 2007-10-16 16:18 Message: Logged In: YES user_id=1560922 Originator: NO Can someone document what the changes in title attribute mean I should do in future raids etc. You mention a NameChange, can this be explained. Do I not use /alter title now? ---------------------------------------------------------------------- Comment By: ChadF (chad3f) Date: 2007-10-07 19:52 Message: Logged In: YES user_id=1668474 Originator: NO Originally, it did *more* than just change the visual title. It also affected name lookups (e.g. /where, /msg, etc..). The only significant thing is didn't do is change the chat/event text output related to those entities. I don't see how it prevents legitimate use, since the NameChange script that was created to change the title still exists. Since the alter privilege is the only thing below full admin level, why would anyone what can't be trusted have been given this access level in the first place? One option is to make the attribute volatile, since there seems few reasons it would need to persist between logins. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=101111&aid=1808872&group_id=1111 |