Menu
▾
▴
[Nms-cgi-devel] Re: [Nms-cgi-commits] CVS Commit guestbook.pl
|
From: Nick C. <ni...@cl...> - 2001-12-18 22:36:29
|
On Tue, Dec 18, 2001 at 02:21:13PM -0800, Nick Cleaton wrote: > > Modified Files: > guestbook.pl > Log Message: > * minor HTML filter fixes > * started on allowing the style attribute Just allowing the color style so far. > * added non-XHTML (but harmless) NOBR tag Dave, is that OK ? I added it because it was the one harmless tag that the filter rejected when I pasted the front page of slashdot into the guestbook. We could just strip it out, or try to be clever and strip it out but s/ / /g until </nobr>. So, is munging the guestbook postings into truly valid XHTML a priority, or are we happy with anything that's secure against malicious scripting constructs ? -- Nick |
