On Wed, Oct 3, 2012 at 8:15 AM, Volker Braun <[email protected]> wrote: > Is the problem that exploit js code can be directly embedded into the > worksheet, or is the problem that UW doesn't allow any anonymous user > content at all? The former can of course be fixed, indeed we should scrub > html() output and verify served images.
The former. Fix it and post a patch. William -- You received this message because you are subscribed to the Google Groups "sage-support" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. Visit this group at http://groups.google.com/group/sage-support?hl=en.
