Bug: EntityForm fields remove all HTML when basic HTML should be encoded first

WorkHub

Current Project: Index | Create

Home

Getting started

The HtmlAgilityPack is used to strip HTML out of form fields to avoid XSS attacks but HTML should be encoded first so HTML/Javascript code snippets can be supported in text fields as text (not as actual HTML/script)

Confirmed: [+] +1 [-] Resolved: [+] 0 [-]

Bug Details
Date Reported:	1/7/2012 3:32:05 PM
Status:	Pending
Priority:	Extreme
Difficulty:	Low
Type:	NotSet
Version:
Version to fix for:
Percent Fixed:	0

Issues

No issues have been associated with this bug.

Solutions

No solutions have been associated with this bug.

Tasks

No tasks have been associated with this bug.

WorkHub Version 2.6.10.111

RapidResolution (Maintenance) Module: Report issue - Post suggestion
WorkHub: Report issue - Post suggestion

External URL: (to link to this page)

http://www.softwaremonkeys.net/Hub/Projector.aspx?a=View&t=Bug&f=Html&Bug-ID=386d5526-7f91-4630-bf26-869327ee200b