Changes between Version 91 and Version 92 of GenshiTutorial
Timestamp: Sep 12, 2007, 1:26:42 PM (17 years ago)
GenshiTutorial
v91 v92 1429 1429 You may want to try performing some XSS attacks by including malicious HTML markup in comments. Try some of the methods shown on the [http://ha.ckers.org/xss.html XSS Cheat Sheet]. You should not be able to get past the sanitizer; if you are, please [/newticket let us now]. 1430 1430 1431 Speaking of the Atom feed, let's update the corresponding templateso that it, too, includes the user-submitted HTML tags as markup, instead of as escaped text. Open `geddit/templates/info.xml`, and update it to look as follows:1431 We're almost done—the only remaining task is to update the Atom feed so that it, too, includes the user-submitted HTML tags as markup, instead of as escaped text. Open `geddit/templates/info.xml`, and update it to look as follows: 1432 1432 1433 1433 {{{ … … 1482 1482 * [wiki:GenshiTutorial/CommentThreading Add comment threading], so that people can reply to comments, and comments and replies are displayed in a hierarchical manner. 1483 1483 * [wiki:GenshiTutorial/AtomPublishing Add support for the Atom Publishing Protocol]. See http://bitworking.org/projects/atom/ 1484 * [http://wicket.apache.org/ Wicket] has some excellent ideas in their Java templating language. In particular, wicket:remove, Markup inheritance, borders, resource bundles, etc. [http://cwiki.apache.org/WICKET/reference-library.html see also the Wicket Wiki]1485 * I fail to see how ticket is related to the tutorial… please elaborate -- cmlenz1486 1484 * (your idea here) 1487 1485
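Review bot: The rewritten sentence at line 1431 says the Atom feed will include the user-submitted HTML tags as markup instead of as escaped text, but it does not say that this markup has to be the output of the sanitizer discussed at line 1429. The template body is elided in this view, so the sentence is the only place a reader sees the intent; suggest stating there that the feed emits the sanitized comment content, the same as the HTML view, so nobody copies a feed template that passes raw submissions through to feed readers. While this paragraph is being edited, the unchanged context at line 1429 still reads "let us now", which should be "let us know".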