Uploaded image for project: 'Moodle app'
  1. Moodle app
  2. MOBILE-1176

Remove SCRIPT tags in content passed to mmFormatText

    XMLWordPrintable

Details

    • Improvement
    • Status: Closed
    • Minor
    • Resolution: Cannot Reproduce
    • 2.3
    • 2.3
    • Libraries, Security
    • MOODLE_23_STABLE
    • MOODLE_23_STABLE

    Description

      As we are compiling mmFormatText content we are also executing the Javascript that was added there. As this can have very random results on the user experience, or even security concerns, my guess is that we should remove, at the very least, the SCRIPT tags.

      Attachments

        Issue Links

          Discovered while testing

          Task - A task that needs to be completed. Tasks usually refer to work that must be done outside the product. MOBILE-1160 Investigate serving of aliased audio files from mod_book

          • Minor - Minor loss of function where workaround is possible
          • Closed

          Activity

            People

              Unassigned Unassigned
              fred Frédéric Massart
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                8/Oct/15