Thanks Greg and John! I think the trello card summarizes it well. Looking
forward to the solution ;)
From: jmchil...@gmail.com [mailto:jmchil...@gmail.com] On Behalf Of John Chilton
Sent: woensdag 15 januari 2014 16:01
To: Greg Von Kuster
Cc: Lukasse, Pieter; firstname.lastname@example.org Dev
Subject: Re: [galaxy-dev] sanitize_all_html option
Hey Greg and Pieter,
Thanks for the report. This would seem to be an important feature if there are
going to be a lot of tools producing rich HTML output - though I wonder if in
some of these cases the visualization plugin framework might be the superior
way to render these results (though admittedly no tool shed integration then).
I have created a Trello card here - please vote, comment, etc... :
On Mon, Jan 13, 2014 at 9:21 AM, Greg Von Kuster <g...@bx.psu.edu> wrote:
> Hello Pieter,
> Please make sure to address items like this to the
> email@example.com mailing list rather than individual email
> accounts as that will ensure more timely responses that include more
> optimal feedback.
> Sanitizing values from input text fields on tools and other Galaxy
> forms is an essential part of ensuring that the values will not wreak
> havoc within the Galaxy environment. Opening this up to being
> optional may be a concern to some Galaxy administrators. In any case,
> the Tool Shed probably should not have the ability to define the use
> of this feature since it has no affect within any of the Tool Shed
> environment ( only Galaxy or other applications in which things are
> installed from the Tool Shed will be affected ). So if it is decided
> by the Galaxy community that this feature ( i.e., sanitizing form text
> field values ) should be enhanced or altered, changes should be made
> within the Galaxy environment rather than the Tool Shed.
> As input regarding this request comes in from the community, perhaps
> we can create an appropriate Trello card to capture the direction we should
> Thanks very much for your request on this!
> Greg Von Kuster
> On Jan 13, 2014, at 6:16 AM, "Lukasse, Pieter" <pieter.luka...@wur.nl>
> Hi Greg,
> I have some tools which produce HTML and the default setting of the
> option sanitize_all_html will give problems and/or make the output
> look ugly. Would it be an option to let the administrator decide, for
> each tool he installs, whether this option should apply or not? Now is
> a global setting which applies to all tools, and in practice this
> results in it being set to "false"....which means that in practice
> this is a "pseudo security item" as it will not be used that often.
> The alternative I have been thinking about is to add a checkbox to the
> "manage repository" screen to allow the admin to turn this feature
> on/off for a specific repository. See also the screenshot below. Maybe
> you are already working in this direction, but I thought I'd just
> share this idea with you.
> Best regards,
> Pieter Lukasse
> Wageningen UR, Plant Research International
> Departments of Bioscience and Bioinformatics
> Wageningen Campus, Building 107, Droevendaalsesteeg 1, 6708 PB,
> Wageningen, the Netherlands
> +31-317481122; skype: pieter.lukasse.wur
> Please keep all replies on the list by using "reply all"
> in your mail client. To manage your subscriptions to this and other
> Galaxy lists, please use the interface at:
> To search Galaxy mailing lists use the unified search at:
Please keep all replies on the list by using "reply all"
in your mail client. To manage your subscriptions to this
and other Galaxy lists, please use the interface at:
To search Galaxy mailing lists use the unified search at: