#3407: scripts aren't protected while loading content
-----------------------+----------------------------------------------------
Reporter: alfonsoml | Owner:
Type: Bug | Status: new
Priority: Normal | Milestone: CKEditor 3.0
Component: General | Version: SVN (CKEditor)
Keywords: |
-----------------------+----------------------------------------------------
Load this in source mode:
{{{
<script>alert(0)</script>
}}}
when you switch to design view the alert will show, so any script will be
executed instead of being protected.
--
Ticket URL: <http://dev.fckeditor.net/ticket/3407>
FCKeditor <http://www.fckeditor.net/>
The text editor for Internet
------------------------------------------------------------------------------
Stay on top of everything new and different, both inside and
around Java (TM) technology - register by April 22, and save
$200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco.
300 plus technical and hands-on sessions. Register today.
Use priority code J9JMT32. http://p.sf.net/sfu/p
_______________________________________________
FCKeditor-Trac mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fckeditor-trac
