[typo] XSS vulnerability?

Kevin Ballard kevin at sb.org
Sat Nov 26 19:44:07 EST 2005

I just ran `rake' on my trunk and got no failures at all. And yet the  
example XSS mostly works for me (it doesn't actually display an alert  
because my textfilter translates " into an entity, but that can be  
worked around).

On Nov 26, 2005, at 8:45 AM, Scott Laird wrote:

> Argh!  It's supposed to be filtered.  What happens when you run
> 'rake'?  There are several XSS-related tests; do any tests fail?

Kevin Ballard
kevin at sb.org
