On 14 March 2014 04:56, David Anderson <[email protected]> wrote:
> Oops! Please try that again; should be prevented now. > -- David > Ok, that's fixed. Other issues: The RSS feed for forum posts doesn't escape HTML in posts by any user. Also truncating posts can break tags. Project tester aren't special users (I don't know if you intended it that way.) Normal users can post HTML by tricking a special user to quote it in another post. Old posts that contain HTML that was intended as plain text is now real HTML. HTML is allowed in all forums (I don't know if you intended it that way.) Usability issues: HTML tags are escaped when post is previewed. There's no hint that HTML is allowed. Special users need to escape HTML special characters themselves now. Allowing HTML can break old posts. E.g. post contains a<b and browser sees <b as start of tag. On the assumption that HTML is needed rarely perhaps having a checkbox that enables HTML instead of always-on would be better? (Back to _dev so others can voice their opinions too.) -Juha _______________________________________________ boinc_dev mailing list [email protected] http://lists.ssl.berkeley.edu/mailman/listinfo/boinc_dev To unsubscribe, visit the above URL and (near bottom of page) enter your email address.
