Textpattern CMS support forum

You are not logged in. Register | Login | Help

Topics: Active | Unanswered

Pages: 1

#1 2024-12-11 05:45:17

colak: Admin; From: Cyprus; Registered: 2004-11-20; Posts: 9,133; Website GitHub Mastodon Twitter

unsafe elements

I am testing, admittedly superficially, the latest dev version on textpattern.co/demo.

Checking what is already installed and the only (welcome) article we have I get:

Found 0 txp tags and 1 unsafe elements.

The article has nothing that I would deem unsafe. Is the checker overreacting?

Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.

Online

#2 2024-12-11 07:36:07

etc: Developer; Registered: 2010-11-11; Posts: 5,313; Website GitHub

Re: unsafe elements

colak wrote #338485:

I am testing, admittedly superficially, the latest dev version on textpattern.co/demo.

The article has nothing that I would deem unsafe. Is the checker overreacting?

That’s specific to the demo server — it appends a random comment. Dunno why comments are deemed unsafe by DOMPurify, but there must be a reason.

Offline

#3 2024-12-11 16:56:12

gaekwad: Server grease monkey; From: People's Republic of Cornwall; Registered: 2005-11-19; Posts: 4,321; GitHub

Re: unsafe elements

etc wrote #338487:

That’s specific to the demo server — it appends a random comment.

Correct. It’s a (somewhat arbitrary) mitigation against BREACH, specifically the Heal The Breach part.

Textpattern CMS demo – tech updates

Code is Poetry; Text is Pattern.

Offline

Pages: 1

Board footer

Powered by FluxBB