Home » Forums » Extra Technical Issues » Bug reports » Resolved

Exposed HTML for user who not log in

 
(View <em>Tatata</em>'s profile)
Tatata
83
vote

When I don't log in, HTML source code are exposed below "Welcome to Extra" on the right side of all pages but top page. Sorry, if you have already noticed. -- Tatata

Bookmark/Search this post with:
‹ Not able to log in using OpenId You are born today by default ›
By Tatata on 2007-06-28 04:06
(View <em>Tatata</em>'s profile)
Tatata

Another HTML after log in.

Thu, 2007-06-28 10:18

After log in, I went to "photos" and clicked "yours". Then, I saw another HTML there :

<p>No photos here yet:<br/><br /> <a href="/photos">Add some!</a></p> <br class="clear" />

This is not a problem for me, just a report for admin.

-- Tatata

»
(View <em>admin</em>'s profile)
admin

Fixed & fixed...

Thu, 2007-06-28 13:26

Always happens, when I fix one thing it breaks another!

Please let me know if you see any others-- it's fields that are trying to display "full html" when we now only allow users to see/use "filtered html" (for security reasons).

Thanks! maj

»
(View <em>Tatata</em>'s profile)
Tatata

About, Copyleft, Privacy policy

Fri, 2007-06-29 10:26

Hello!

Today, I saw HTML as follows.

http://extra.wikitravel.org/about

http://extra.wikitravel.org/copyleft

http://extra.wikitravel.org/privacy_policy

-- Tatata

»
(View <em>admin</em>'s profile)
admin

Got them...

Fri, 2007-06-29 13:09

Thanks again!

Admin Maj

»
(View <em>Tatata</em>'s profile)
Tatata

Blogs, Forums, Photos

Fri, 2007-06-29 13:10

I saw HTML on some entries, maybe they were posted 2 months ago or before. Samples are here :

Blogs

posted on 2007-04-13 http://extra.wikitravel.org/node/912

posted on 2006-03-19 http://extra.wikitravel.org/node/658

Forums

posted on 2007-02-09 http://extra.wikitravel.org/node/323

posted on 2006-09-03 http://extra.wikitravel.org/node/71

Photos

added on Nov 30, 2006 http://extra.wikitravel.org/photos/jani/raffles_le_royal_phnom_penh

added on Aug 23, 2006 http://extra.wikitravel.org/photos/maj/me_aj_and_hc_anderson

-- Tatata

»
(View <em>Tatata</em>'s profile)
Tatata

Feed Item

Sat, 2007-06-30 11:45

Hi, I saw HTML on today's feed item by user:wikitravel.

http://extra.wikitravel.org/node/1413

http://extra.wikitravel.org/node/1412

-- Tatata

»
(View <em>admin</em>'s profile)
admin

fixed

Sat, 2007-06-30 13:37

Fixed... thanks again. I'll go through all the old posts and update their input type (really too bad Drupal doesn't handle changing the default very well...). This may take me a little while to get to everything.

»
(View <em>admin</em>'s profile)
admin

Update

Mon, 2007-07-02 17:30

I'm going to fix this from the database side, it seems a whole slew of old posts need to be update. Don't worry about individual posts with HTML showing-- I'll test the fix on the development server and then run it on the live site tomorrow.

Thanks

»

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Post new comment

  • Lines and paragraphs break automatically.
  • Easily link to terms in various wikis. For help, see <a href="/interwiki/5">interwiki</a>.
  • Images can be added to this post.
  • Allowed HTML tags: <br/><p><i><u><b><li><ul><a> <em> <strong> <cite> <code> <ol> <dl> <dt> <dd><img>
  • Web page addresses and e-mail addresses turn into links automatically.

More information about formatting options

To combat spam, please enter the code in the image.