On 2018-09-02 17:08:09, Brian May wrote: > Antoine Beaupré <anar...@orangeseeds.org> writes: > >> What do you think? Should we push this forward? > > I am somewhat concerned that by fixing this we might be breaking > something. Even if it is 100% broken behaviour, maybe some application > depends on this? > > Is the potential attack bad enough to justify potential breakage? I am > not absolutely convinced.
Well there *are* probably some XSS left. The solution would be similar to the one I did in the DLA with little or no breakage. A. -- The class which has the power to rob upon a large scale has also the power to control the government and legalize their robbery. - Eugene V. Debs