Giaco el vecio
10 months ago
#bug #friendica ?
Eros Zabeo
Seems that some users have had some issues with the "add link" button located under the edit area when creating a new post.
Each time an url which begins with "https" is typed the inclusion of the link doesn't work and instead of the link itself appears this text:
Array
(
)
link
14 comments show more
Mr. X
10 months ago
Right. Yes it probably does. I think if we disallow parens () for any user-supplied css params (including color and size) it should be safe. Though that doesn't let one set a background image - which might be interesting.
Michael Vogel
10 months ago
Yesterday I built a routine that removes all characters despite the ones that you want. In this case: "a" to "z", "0" to "9", ":", ";", "#" and "-". This should allow most stuff.
#
Performance: Database: 0.453, Network: 0.001, Rendering: 0.012, Parser: 0.011, I/O: 0.002, Other: 0.123, Total: 0.601
Report Bug