https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=40659
--- Comment #11 from David Cook <[email protected]> --- (In reply to Andrew Fuerste-Henry from comment #10) > (In reply to David Cook from comment #8) > > However, for new code, I think that we want to do better - in any case. > > Can you provide some further detail on what "do better" would mean to you in > this situation? What is it about the approach on 39860 that meets your needs > better than the work here? Yeah for sure. I can DM you with more in-depth info, but here I'll say that bug 39860 uses the HTML::Scrubber to allow a safe range of HTML to be added. I'd add it's not about my needs, but rather the security of Koha as a whole. I'm just quite active in the security space. At some point, I hope to either add some additional coding guidelines or a separate "Safe Coding Guidelines" to complement the existing coding guidelines, which should then make things clearer. Thanks for the question! -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
