[perl #38183] [TODO] smoke - possible 'Cross Site Scripting' issue
瀏覽次數:0 次
跳到第一則未讀訊息
Joshua Hoblitt
未讀,
2006年1月7日 下午5:41:392006/1/7
刪除
你的權限不足,無法在這個群組刪除訊息
複製連結
檢舉訊息
顯示原始貼文
該群組的電子郵件地址為匿名,或你需要檢視成員電子郵件地址的權限才能查看原始貼文
收件者:bugs-bi...@rt.perl.org
# New Ticket Created by Joshua Hoblitt # Please include the string: [perl #38183] # in the subject line of all future correspondence about this issue. # <URL: https://rt.perl.org/rt3/Ticket/Display.html?id=38183 >
The current smoke system submits HTML directly to the smoke server. This is just begging to be abused. Instead the system should submit raw data that can be validated by the smoke server and then marked up for presentation.