Matt Cohen wrote: >I know about setting the Scrubber/santizer settings in mm_cfg.py as >per this FAQ entry: > >http://www.python.org/cgi-bin/faqw-mm.py?req=edit&file=faq04.037.htp > >But is there a way to make it apply on a per-list basis rather than >server-wide?
No there isn't. The reason for this is that this allows cross site scripting (XSS) atacks against the entire server by archiving potentially malicious HTML. This is a server-wide vulnerability so it should be up to the server administrators to enable it. We could treat the option differently, as for example we do with OWNERS_CAN_ENABLE_PERSONALIZATION, but since we highly discourage this option anyway, no one has made the effort to implement this. -- Mark Sapiro <[EMAIL PROTECTED]> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
