[Issue 17391] SECURITY: XSS through DDOC comments
via Digitalmars-d-bugs
digitalmars-d-bugs at puremagic.com
Wed May 10 14:20:22 PDT 2017
https://issues.dlang.org/show_bug.cgi?id=17391
--- Comment #2 from Cédric Picard <cpicard at openmailbox.org> ---
I was not aware that it is so by design. However if it is a design decision I
believe the security consequences should be made very explicit and clear in
DDOC's documentation so that people avoid distributing third-party projects'
documentation or do it very carefuly.
Limiting the use to some tags would help the usability issue but not the
security one.
--
More information about the Digitalmars-d-bugs
mailing list