- **summary**: Boards - input validation Problem! --> HTML input validation problem - **Comment**:
We looked into this some time ago and it is hard to fix. The issue is that Markdown allows some safe HTML tags that can affect layout (table, list items, etc) and if you have incomplete tags (e.g. `<li>` on its own, iirc) then that can affect the layout of the whole page. --- ** [tickets:#7846] HTML input validation problem** **Status:** open **Milestone:** unreleased **Labels:** support ss-9878 **Created:** Thu Mar 05, 2015 06:26 PM UTC by John Barrett **Last Updated:** Thu Mar 05, 2015 06:32 PM UTC **Owner:** nobody https://sourceforge.net/p/forge/site-support/9878/ [forge:site-support:#9878] --- Hello, tried to explain a possible XSS Vulerability within OSS-PHP Projects in the Boards ... well ... my Code "broke" Board-Layout and also some Functionality ... not able to Edit those Entries anymore ... Maybe some more Input Sanitation would help? :) URL: https://sourceforge.net/p/opensearchserve/discussion/947147/thread/dbbe183b/ Andreas Schnederle-Wagner ---- Chatted with Engineering about this and was asked to escalate --- Sent from forge-allura.apache.org because [email protected] is subscribed to https://forge-allura.apache.org/p/allura/tickets/ To unsubscribe from further messages, a project admin can change settings at https://forge-allura.apache.org/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.
