Is the problem that exploit js code can be directly embedded into the worksheet, or is the problem that UW doesn't allow any anonymous user content at all? The former can of course be fixed, indeed we should scrub html() output and verify served images. The latter would be a human problem that can't be fixed in code ;-)
On Wednesday, October 3, 2012 2:00:34 PM UTC+1, Jason Grout wrote: > > To my understanding, public worksheets on the current sagenb.org server > are disabled indefinitely (mainly because of liability of hosting > anonymous user content for public access, IIRC). > -- You received this message because you are subscribed to the Google Groups "sage-support" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. Visit this group at http://groups.google.com/group/sage-support?hl=en.
