On 26/06/2009, at 3:21 PM, Aryeh Gregor wrote:
On Fri, Jun 26, 2009 at 8:22 AM, Steve Bennett <stevagewp@gmail.com> wrote:
- A limited number of admin-controlled special templates can use an
even wider range of features, including raw HTML.
Admins are not going to be allowed to insert raw HTML. At least, not ordinary admins.
They already can, with JavaScript, so there's no XSS issue.
--
Andrew Garrett
Contract Developer, Wikimedia Foundation
agarrett@wikimedia.org
http://werdn.us