Re: [galaxy-dev] sanitize_all_html option

2014-01-15 Thread John Chilton
Hey Greg and Pieter,

Thanks for the report. This would seem to be an important feature if
there are going to be a lot of tools producing rich HTML output -
though I wonder if in some of these cases the visualization plugin
framework might be the superior way to render these results (though
admittedly no tool shed integration then). I have created a Trello
card here - please vote, comment, etc... :

https://trello.com/c/8iMhKlPX

-John

On Mon, Jan 13, 2014 at 9:21 AM, Greg Von Kuster g...@bx.psu.edu wrote:
 Hello Pieter,

 Please make sure to address items like this to the
 galaxy-dev@lists.bx.psu.edu mailing list rather than individual email
 accounts as that will ensure more timely responses that include more optimal
 feedback.

 Sanitizing values from input text fields on tools and other Galaxy forms is
 an essential part of ensuring that the values will not wreak havoc within
 the Galaxy environment.  Opening this up to being optional may be a concern
 to some Galaxy administrators.  In any case, the Tool Shed probably should
 not have the ability to define the use of this feature since it has no
 effect within any of the Tool Shed environment ( only Galaxy or other
 applications in which things are installed from the Tool Shed will be
 affected ).  So if it is decided by the Galaxy community that this feature (
 i.e., sanitizing form text field values ) should be enhanced or altered,
 changes should be made within the Galaxy environment rather than the Tool
 Shed.

 As input regarding this request comes in from the community, perhaps we can
 create an appropriate Trello card to capture the direction we should go.

 Thanks very much for your request on this!

 Greg Von Kuster


 On Jan 13, 2014, at 6:16 AM, Lukasse, Pieter pieter.luka...@wur.nl
 wrote:

 Hi Greg,

 I have some tools which produce HTML and the default setting of the option
 sanitize_all_html will give problems and/or make the output look ugly. Would
 it be an option to let the administrator decide, for each tool he installs,
 whether this option should apply or not? Now it is a global setting which
 applies to all tools, and in practice this results in it being set to
 “false” which means that in practice this is a “pseudo security item” as
 it will not be used that often.

 The alternative I have been thinking about is to add a checkbox to the
 “manage repository” screen to allow the admin to turn this feature on/off
 for a specific repository. See also the screenshot below. Maybe you are
 already working in this direction, but I thought I’d just share this idea
 with you.

 image001.png

 Best regards,


 Pieter Lukasse

 Wageningen UR, Plant Research International

 Departments of Bioscience and Bioinformatics

 Wageningen Campus, Building 107, Droevendaalsesteeg 1, 6708 PB,
 Wageningen, the Netherlands

 +31-317481122; skype: pieter.lukasse.wur

 http://www.pri.wur.nl





 ___
 Please keep all replies on the list by using reply all
 in your mail client.  To manage your subscriptions to this
 and other Galaxy lists, please use the interface at:
   http://lists.bx.psu.edu/

 To search Galaxy mailing lists use the unified search at:
   http://galaxyproject.org/search/mailinglists/



Re: [galaxy-dev] sanitize_all_html option

2014-01-13 Thread Greg Von Kuster
Hello Pieter,

Please make sure to address items like this to the galaxy-dev@lists.bx.psu.edu 
mailing list rather than individual email accounts as that will ensure more 
timely responses that include more optimal feedback.

Sanitizing values from input text fields on tools and other Galaxy forms is an 
essential part of ensuring that the values will not wreak havoc within the 
Galaxy environment.  Opening this up to being optional may be a concern to some 
Galaxy administrators.  In any case, the Tool Shed probably should not have the 
ability to define the use of this feature since it has no effect within any of 
the Tool Shed environment ( only Galaxy or other applications in which things 
are installed from the Tool Shed will be affected ).  So if it is decided by 
the Galaxy community that this feature ( i.e., sanitizing form text field 
values ) should be enhanced or altered, changes should be made within the 
Galaxy environment rather than the Tool Shed.

As input regarding this request comes in from the community, perhaps we can 
create an appropriate Trello card to capture the direction we should go.

Thanks very much for your request on this!

Greg Von Kuster


On Jan 13, 2014, at 6:16 AM, Lukasse, Pieter pieter.luka...@wur.nl wrote:

 Hi Greg,
  
 I have some tools which produce HTML and the default setting of the option 
 sanitize_all_html will give problems and/or make the output look ugly. Would 
 it be an option to let the administrator decide, for each tool he installs, 
 whether this option should apply or not? Now it is a global setting which 
 applies to all tools, and in practice this results in it being set to 
 “false” which means that in practice this is a “pseudo security item” as 
 it will not be used that often.
  
 The alternative I have been thinking about is to add a checkbox to the 
 “manage repository” screen to allow the admin to turn this feature on/off for 
 a specific repository. See also the screenshot below. Maybe you are already 
 working in this direction, but I thought I’d just share this idea with you.
  
 image001.png
  
 Best regards,
  
 Pieter Lukasse
 
 Wageningen UR, Plant Research International
 
 Departments of Bioscience and Bioinformatics
 
 Wageningen Campus, Building 107, Droevendaalsesteeg 1, 6708 PB, 
 Wageningen, the Netherlands
 
 +31-317481122; skype: pieter.lukasse.wur
 
 http://www.pri.wur.nl
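
Added example, not part of the thread and not Galaxy code: a sketch of the per-tool override requested above, where the global `sanitize_all_html` setting stays on and the administrator exempts individual tools instead of switching it off for everything. The `trusted_tools` set, the allowlists, the tool ids and all function names are hypothetical.

```python
from html import escape
from html.parser import HTMLParser

# Hypothetical allowlists: only these tags and attributes survive sanitizing.
ALLOWED_TAGS = {"h2", "p", "b", "i", "ul", "li", "pre", "table", "tr", "th", "td", "a", "br"}
ALLOWED_ATTRS = {"a": {"href"}, "th": {"colspan"}, "td": {"colspan"}}
DROP_CONTENT = {"script", "style"}  # tag and everything inside it is dropped
SAFE_HREF = ("http://", "https://", "#")


class _Sanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.skip = [], 0

    def handle_starttag(self, tag, attrs):
        if tag in DROP_CONTENT:
            self.skip += 1
        elif not self.skip and tag in ALLOWED_TAGS:
            kept = ""
            for name, value in attrs:
                value = value or ""
                if name not in ALLOWED_ATTRS.get(tag, ()):
                    continue  # drops onclick=, style=, and anything unlisted
                if name == "href" and not value.lower().startswith(SAFE_HREF):
                    continue  # drops javascript:, data:, and other schemes
                kept += f' {name}="{escape(value, quote=True)}"'
            self.out.append(f"<{tag}{kept}>")

    def handle_endtag(self, tag):
        if tag in DROP_CONTENT:
            self.skip = max(0, self.skip - 1)
        elif not self.skip and tag in ALLOWED_TAGS and tag != "br":
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skip:
            self.out.append(escape(data))  # text is re-escaped, never raw

def sanitize_html(markup):
    parser = _Sanitizer()
    parser.feed(markup)
    parser.close()
    return "".join(parser.out)

def render_tool_output(tool_id, markup, sanitize_all_html=True, trusted_tools=frozenset()):
    # Sanitize by default; skip only for tools the admin explicitly listed.
    if sanitize_all_html and tool_id not in trusted_tools:
        return sanitize_html(markup)
    return markup
```

With this shape the exemption is an explicit, auditable list per installation, and any tool not on it keeps the sanitized rendering.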
 
  
