On 2018-09-02 17:08:09, Brian May wrote:
> Antoine Beaupré <anar...@orangeseeds.org> writes:
>
>> What do you think? Should we push this forward?
>
> I am somewhat concerned that by fixing this we might be breaking
> something. Even if it is 100% broken behaviour, maybe some application
> depends on this?
>
> Is the potential attack bad enough to justify potential breakage? I am
> not absolutely convinced.
Well there *are* probably some XSS left. The solution would be similar
to the one I did in the DLA with little or no breakage.
A.
--
The class which has the power to rob upon a large scale has also the
power to control the government and legalize their robbery.
- Eugene V. Debs
