[AWFFULL] awffull 3.7.1 bug with search string keywords
Steve McInerney
steve at stedee.id.au
Sat May 5 16:50:48 EST 2007
Heh. That's actually quite amusing. :-)
Irritating I grant, but amusing that it just happened to coincide with a
real HTML word.
I've logged that as a bug.
http://www.stedee.id.au/flyspray/task/10
I'm in the final prep with getting 3.7.4 out - so won't be fixed in
there. Trying to *finally* get 3.8.1-beta1 out - so would prefer not to
put a fix in there, probably 3.8.1-beta2.
Hopefully 2-4 weeks. If urgent, let me know and I'll see if I can't get
something patched together sooner.
In the meantime, I'd suggest doing a prefilter with egrep or similar to
filter the problem away?
Cheers!
- Steve
http://www.stedee.id.au/flyspray/task/10
on 5/05/2007 2:36 PM Héctor Delcourt (Armonth) said the following:
> Hi! I am user spanish of awffull and can tell a bug I founded
>
> In the search string keywords report ("View All Search Strings"), the list
> of keywords can contain unsanitized HTML.
>
> One user search "<marquee for Firefox" on my site and the result is all
> lines below this search is "marqueed"
>
> The solution is sanitize all < and > with the correspondent entity: <
> and >.
>
> Greetings
More information about the AWFFull
mailing list