[Tickets #3437] Re: Changing case
bugs@bugs.horde.org
bugs at bugs.horde.org
Mon Nov 20 07:26:53 PST 2006
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: https://dev.horde.org/horde/whups/ticket/?id=3437
-----------------------------------------------------------------------
Ticket | 3437
Updated By | Chuck Hagenbuch <chuck at horde.org>
Summary | Changing case
Queue | IMP
Version | HEAD
Type | Bug
State | Resolved
Priority | 2. Medium
Owners | Horde Developers
-----------------------------------------------------------------------
Chuck Hagenbuch <chuck at horde.org> (2006-11-20 07:26) wrote:
> IIRC the original goal was to keep our "own" generated a tags from
> being mangled in other steps inside text2html. If anything we
> probably will escape more than before, not less, and loose some of
> our generated links tags.
Right, that's the point, but we were mangling things to do it. At some
point we couldn't link urls after encoding, but I don't know _why_
anymore. At this point, we run htmlspecialchars(), then run the linkurls
and emails filters, and all of the tests pass. If you can show me either
something that we lose, or a vulnerability here, please just add it to the
test cases, but I'm not seeing it.
More information about the bugs
mailing list