[typo] XSS vulnerability?
Kevin Ballard
kevin at sb.org
Sat Nov 26 19:44:07 EST 2005
I just ran `rake' on my trunk and got no failures at all. And yet the
example XSS mostly works for me (it doesn't actually display an alert
because my textfilter translates " into an entity, but that can be
worked around).
On Nov 26, 2005, at 8:45 AM, Scott Laird wrote:
> Argh! It's supposed to be filtered. What happens when you run
> 'rake'? There's are several XSS-related tests, do any tests fail?
--
Kevin Ballard
kevin at sb.org
http://www.tildesoft.com
http://kevin.sb.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2378 bytes
Desc: not available
Url : http://rubyforge.org/pipermail/typo-list/attachments/20051126/19a3eefa/smime.bin
More information about the Typo-list
mailing list