Hey Torsten, 2009/3/20 Torsten Schulz <[email protected]>: > Hello, > > I know about security-problems with iframe, but it is nessesary for my > applicatione to use it. > So is it possible to use iframe without change the XSSFilter.C? Use it in > xml-file doesn't work, but (Security-Hole!) use it in unknown tr-tag works > (but only with the ?? at start and end). > example: WString::tr("<iframe...></iframe>") let show the iframe.
Good observation... perhaps we should still use the XSSFilter on the key if the tr() does not resolve... But what you probably want is WText::setTextFormat(XHTMLUnsafeText); Regards, koen ------------------------------------------------------------------------------ Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com _______________________________________________ witty-interest mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/witty-interest
