Bug: Any embeddable html object is executed.
This is one of those things that is a feature as much as it is a bug. However it is submitted as a bug report to catch the eyes of those who are scanning for potential risks. Maybe we should have a new category for things like this: RiskyFeatures ? The highest profile subset of this "embed anthing" risk/feature is javascript: UsersCanPutJavascriptInTopics. -- MattWilkie - 29 Nov 2004 While battling trying to get JSCaleandar to work I found not only could I embed the javascript in the body of a topic, I could also enbed the<LINK CSS> in the body &emdash; I didn't have to put it in the header. This may be the browser being iberal in its interpretation, but it worked. (OK, I admit it, I used <!-- LINK --> to hide it) -- AntonAylward - 27 Nov 2004 
Edit | Attach | Topic revision: r1 - 2004-11-29 - MattWilkie
Site map
Blog web
Create New Topic
Index
Search
Advanced search
My topics of interest
Changes
Major changes only
All tags
Notifications
RSS Feed
Statistics
Preferences
Community 
Readme first
Developers News
How you can help
Community roles
#twiki IRC
Lima Release
Feature Proposals
Bugs Changes
Categories 
Account 
Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.Copyright © 1999-2026 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.