From: Joshua W. <qbg...@gm...> - 2013-07-14 18:38:52
|
http://lmms.sourceforge.net/lsp/index.php?action=show&file=3983 Yeah. Oh, and after about 30 seconds, it redirects. .___. -- Josh qbg...@gm... |
From: Tobias D. <tob...@gm...> - 2013-07-15 18:30:58
|
Hi, thanks for pointing out this issue! I removed all comments of this guy and also changed comments and descriptions to be text-only (i.e. all HTML etc. is escaped). The only drawback is that you can't embed things like soundcloud projects anymore but security is more important here than convenience. Probably there are more areas to fix but for the time being, this should work out. Best regards Toby |
From: Tres F. <tre...@gm...> - 2013-07-15 18:36:37
|
Thanks Toby. We can always copy/paste hyperlinks. Soundcloud is the most prominent one we see if you do have a way of limiting it to just a few tags. -Tres On Mon, Jul 15, 2013 at 2:30 PM, Tobias Doerffel <tob...@gm...>wrote: > Hi, > > thanks for pointing out this issue! I removed all comments of this guy > and also changed comments and descriptions to be text-only (i.e. all > HTML etc. is escaped). The only drawback is that you can't embed > things like soundcloud projects anymore but security is more important > here than convenience. Probably there are more areas to fix but for > the time being, this should work out. > > Best regards > > Toby > > > ------------------------------------------------------------------------------ > See everything from the browser to the database with AppDynamics > Get end-to-end visibility with application monitoring from AppDynamics > Isolate bottlenecks and diagnose root cause in seconds. > Start your free trial of AppDynamics Pro today! > http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk > _______________________________________________ > Lmms-users mailing list > Lmm...@li... > https://lists.sourceforge.net/lists/listinfo/lmms-users > -- - Tre...@gm... |
From: <nwt...@gm...> - 2013-07-16 21:06:51
|
<html> <head> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> </head> <body text="#000000" bgcolor="#FFFFFF"> <div class="moz-cite-prefix">Doesn't SoundCloud also provide Wordpress Embed codes or something? Is that more secure?<br> <br> On 7/15/2013 11:36 AM, Tres Finocchiaro wrote:<br> </div> <blockquote cite="mid:CAN...@ma..." type="cite">Thanks Toby. <div><br> We can always copy/paste hyperlinks.</div> <div><br> </div> <div>Soundcloud is the most prominent one we see if you do have a way of limiting it to just a few tags.</div> <div><br> </div> <div>-Tres<br> <br> <div class="gmail_quote"> On Mon, Jul 15, 2013 at 2:30 PM, Tobias Doerffel <span dir="ltr"><<a moz-do-not-send="true" href="mailto:tob...@gm..." target="_blank">tob...@gm...</a>></span> wrote:<br> <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> Hi,<br> <br> thanks for pointing out this issue! I removed all comments of this guy<br> and also changed comments and descriptions to be text-only (i.e. all<br> HTML etc. is escaped). The only drawback is that you can't embed<br> things like soundcloud projects anymore but security is more important<br> here than convenience. Probably there are more areas to fix but for<br> the time being, this should work out.<br> <br> Best regards<br> <br> Toby<br> <br> ------------------------------------------------------------------------------<br> See everything from the browser to the database with AppDynamics<br> Get end-to-end visibility with application monitoring from AppDynamics<br> Isolate bottlenecks and diagnose root cause in seconds.<br> Start your free trial of AppDynamics Pro today!<br> <a moz-do-not-send="true" href="http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk" target="_blank">http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk</a><br> _______________________________________________<br> Lmms-users mailing list<br> <a moz-do-not-send="true" href="mailto:Lmm...@li...">Lmm...@li...</a><br> <a moz-do-not-send="true" href="https://lists.sourceforge.net/lists/listinfo/lmms-users" target="_blank">https://lists.sourceforge.net/lists/listinfo/lmms-users</a><br> </blockquote> </div> <br> <br clear="all"> <div><br> </div> -- <br> - <a moz-do-not-send="true" href="mailto:Tre...@gm...">Tre...@gm...</a> </div> <br> <fieldset class="mimeAttachmentHeader"></fieldset> <br> <pre wrap="">------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! <a class="moz-txt-link-freetext" href="http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk">http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk</a></pre> <br> <fieldset class="mimeAttachmentHeader"></fieldset> <br> <pre wrap="">_______________________________________________ Lmms-users mailing list <a class="moz-txt-link-abbreviated" href="mailto:Lmm...@li...">Lmm...@li...</a> <a class="moz-txt-link-freetext" href="https://lists.sourceforge.net/lists/listinfo/lmms-users">https://lists.sourceforge.net/lists/listinfo/lmms-users</a> </pre> </blockquote> <br> </body> </html> |
From: Tres F. <tre...@gm...> - 2013-07-17 15:57:05
|
> Doesn't SoundCloud also provide Wordpress Embed codes or something? Is that more secure? Yes they do. It's slightly more secure. The idea is that wordpress has "allowed" embed codes. From my understanding, LSP does not run on top of wordpress, so control is not as easily configured as wordpress. To do this as you are saying, Tobias would likey have to implement his (django?) own wordpress handler, which may take time. -Tres On Tue, Jul 16, 2013 at 5:04 PM, <nwt...@gm...> wrote: > Doesn't SoundCloud also provide Wordpress Embed codes or something? Is that > more secure? > > > On 7/15/2013 11:36 AM, Tres Finocchiaro wrote: > > Thanks Toby. > > We can always copy/paste hyperlinks. > > Soundcloud is the most prominent one we see if you do have a way of limiting > it to just a few tags. > > -Tres > > On Mon, Jul 15, 2013 at 2:30 PM, Tobias Doerffel <tob...@gm...> > wrote: >> >> Hi, >> >> thanks for pointing out this issue! I removed all comments of this guy >> and also changed comments and descriptions to be text-only (i.e. all >> HTML etc. is escaped). The only drawback is that you can't embed >> things like soundcloud projects anymore but security is more important >> here than convenience. Probably there are more areas to fix but for >> the time being, this should work out. >> >> Best regards >> >> Toby >> >> >> ------------------------------------------------------------------------------ >> See everything from the browser to the database with AppDynamics >> Get end-to-end visibility with application monitoring from AppDynamics >> Isolate bottlenecks and diagnose root cause in seconds. >> Start your free trial of AppDynamics Pro today! >> >> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk >> _______________________________________________ >> Lmms-users mailing list >> Lmm...@li... >> https://lists.sourceforge.net/lists/listinfo/lmms-users > > > > > -- > - Tre...@gm... > > > ------------------------------------------------------------------------------ > See everything from the browser to the database with AppDynamics > Get end-to-end visibility with application monitoring from AppDynamics > Isolate bottlenecks and diagnose root cause in seconds. > Start your free trial of AppDynamics Pro today! > http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk > > > > _______________________________________________ > Lmms-users mailing list > Lmm...@li... > https://lists.sourceforge.net/lists/listinfo/lmms-users > > > > ------------------------------------------------------------------------------ > See everything from the browser to the database with AppDynamics > Get end-to-end visibility with application monitoring from AppDynamics > Isolate bottlenecks and diagnose root cause in seconds. > Start your free trial of AppDynamics Pro today! > http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk > _______________________________________________ > Lmms-users mailing list > Lmm...@li... > https://lists.sourceforge.net/lists/listinfo/lmms-users > -- - Tre...@gm... |
From: Jonathan A. <eag...@gm...> - 2013-07-17 16:14:14
|
In terms of LSP i had to put that on hold for a while sadly as I was in the middle of my thesis and only now i can start to pick it back up :( i have not forgotten so my apologies in terms of rewriting lsp :( On Wed, Jul 17, 2013 at 5:56 PM, Tres Finocchiaro < tre...@gm...> wrote: > > Doesn't SoundCloud also provide Wordpress Embed codes or something? Is > that more secure? > > Yes they do. It's slightly more secure. The idea is that wordpress > has "allowed" embed codes. From my understanding, LSP does not run on > top of wordpress, so control is not as easily configured as wordpress. > > To do this as you are saying, Tobias would likey have to implement his > (django?) own wordpress handler, which may take time. > > -Tres > > > On Tue, Jul 16, 2013 at 5:04 PM, <nwt...@gm...> wrote: > > Doesn't SoundCloud also provide Wordpress Embed codes or something? Is > that > > more secure? > > > > > > On 7/15/2013 11:36 AM, Tres Finocchiaro wrote: > > > > Thanks Toby. > > > > We can always copy/paste hyperlinks. > > > > Soundcloud is the most prominent one we see if you do have a way of > limiting > > it to just a few tags. > > > > -Tres > > > > On Mon, Jul 15, 2013 at 2:30 PM, Tobias Doerffel < > tob...@gm...> > > wrote: > >> > >> Hi, > >> > >> thanks for pointing out this issue! I removed all comments of this guy > >> and also changed comments and descriptions to be text-only (i.e. all > >> HTML etc. is escaped). The only drawback is that you can't embed > >> things like soundcloud projects anymore but security is more important > >> here than convenience. Probably there are more areas to fix but for > >> the time being, this should work out. > >> > >> Best regards > >> > >> Toby > >> > >> > >> > ------------------------------------------------------------------------------ > >> See everything from the browser to the database with AppDynamics > >> Get end-to-end visibility with application monitoring from AppDynamics > >> Isolate bottlenecks and diagnose root cause in seconds. > >> Start your free trial of AppDynamics Pro today! > >> > >> > http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk > >> _______________________________________________ > >> Lmms-users mailing list > >> Lmm...@li... > >> https://lists.sourceforge.net/lists/listinfo/lmms-users > > > > > > > > > > -- > > - Tre...@gm... > > > > > > > ------------------------------------------------------------------------------ > > See everything from the browser to the database with AppDynamics > > Get end-to-end visibility with application monitoring from AppDynamics > > Isolate bottlenecks and diagnose root cause in seconds. > > Start your free trial of AppDynamics Pro today! > > > http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk > > > > > > > > _______________________________________________ > > Lmms-users mailing list > > Lmm...@li... > > https://lists.sourceforge.net/lists/listinfo/lmms-users > > > > > > > > > ------------------------------------------------------------------------------ > > See everything from the browser to the database with AppDynamics > > Get end-to-end visibility with application monitoring from AppDynamics > > Isolate bottlenecks and diagnose root cause in seconds. > > Start your free trial of AppDynamics Pro today! > > > http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk > > _______________________________________________ > > Lmms-users mailing list > > Lmm...@li... > > https://lists.sourceforge.net/lists/listinfo/lmms-users > > > > > > -- > - Tre...@gm... > > > ------------------------------------------------------------------------------ > See everything from the browser to the database with AppDynamics > Get end-to-end visibility with application monitoring from AppDynamics > Isolate bottlenecks and diagnose root cause in seconds. > Start your free trial of AppDynamics Pro today! > http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk > _______________________________________________ > Lmms-users mailing list > Lmm...@li... > https://lists.sourceforge.net/lists/listinfo/lmms-users > -- Jonathan Aquilina |