On Friday 05 March 2010 15:06:34 Sergiu Dumitriu wrote:
<snipped>
> {pre}{/pre} prevents re-rendering the content.
>
> The result with this is:
>
> A damn
> ----
> ruler
>
> Which again is a bit wrong, but this is a bug in the core, it always
> assumes that the content that it got from the title field is
> velocity+HTML, even if the page is in xwiki/2.0 syntax.
Do you happen to know the JIRA ticket for this bug? (if there is one?)
The {pre} seems to dodge some of the unwanted effects, but in turn makes
further editing the script difficult. Next time I edit the {pre} seems to have
disappeared, instead leaving a <p>-tag artifact depending on circumstances.
> CrossSiteScripting example: <script>alert('I pwnd U')</script>
> => bad, bad, bad
That is exatly what I would like to avoid, hehe. :)
Kind regards, Joel
_______________________________________________
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
