https://bugzilla.wikimedia.org/show_bug.cgi?id=37248
--- Comment #4 from MZMcBride <[email protected]> --- (In reply to comment #1) > Unable to reproduce the bug. This bug is trivial to reproduce. Here's an example: <https://wikimediafoundation.org/w/index.php?title=Wikimedia:Sandbox&oldid=91728>. The HTML output is: --- <span style="/* insecure input */">testing for bug 37248</span> --- (In reply to comment #3) > Shouldn't there be any workarounds to allow url's? > Is html tag the only workaround? I don't know, but this seems irrelevant to this bug. This bug is about content within <html> tags being improperly sanitized. Content within <html> tags should be passed as-is without being sanitized. Please re-read comment 0 for a full explanation. -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
