[openguides-tickets] [OpenGuides] #68: Malformed user name input not blocked by preferences template

5 Dec 2005


      #68: Malformed user name input not blocked by preferences template
--------------------------+-------------------------------------------------
Reporter:  earle          |       Owner:  dom       
    Type:  defect         |      Status:  new       
Priority:  normal         |   Component:  openguides
 Version:  svn            |    Severity:  normal    
Keywords:  templates cgi  |  
--------------------------+-------------------------------------------------
If you put something like
 {{{
 <a href="http://example.com/">Foo</a>
 }}}
 into the preferences page as your username, the edit form gets broken.
 (See attachment.) The username should be unescaped or some such before
 being set in the preferences cookie.
-- 
Ticket URL: http://dev.openguides.org/ticket/68
OpenGuides http://openguides.org/
The OpenGuides city guides project

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

[openguides-tickets] [OpenGuides] #68: Malformed user name input not blocked by preferences template