inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

SLNG-1252

Browse Source 
Earlier the the repo webscripts for wiki, blog, forum/discussions and comments stripped the userinput (content field) from un-safe html tags such as scripts. Only white listed tags was allowed (specified in StringUtils.safeTags). Now <strong> and <em> has been added to the list but the method to strip away the tags, StringUtils.stripUnsafeHTML() is no longer used from these scripts.

Instead the share webtier is doing the cleaning of these tags when they are rendered using a html.ftl file. (this is the case for the wiki)
If they are requested from the client directly through an ajax proxy call the result is stripped using the Alfresco.util.stripUnsafeHTML in alfresco.js. (this is the case for blog, forum/discussions and comments).

base.css has been updated to display "rich content", in other words user input that has been formatted, correctly.

A new mimetype for installing air applications has also been added to the list of mime types.

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@11003 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Erik Winlof
2008-09-24 13:29:07 +00:00
parent 3b29abbe17
commit 4082b32425
1 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
config/alfresco/mimetype/mimetype-map.xml
View File

@@ -142,11 +142,11 @@
<extension>jpeg</extension>
<extension>jpe</extension>
</mimetype>
<mimetype mimetype="image/jpeg2000" display="JPEG 2000 Image">
<extension default="true">jpx</extension>
<extension>jp2</extension>
<extension>jpm</extension>
</mimetype>
<mimetype mimetype="image/jpeg2000" display="JPEG 2000 Image">
<extension default="true">jpx</extension>
<extension>jp2</extension>
<extension>jpm</extension>
</mimetype>
<mimetype mimetype="image/svg" display="Scalable Vector Graphics Image">
<extension>svg</extension>
</mimetype>
@@ -252,6 +252,9 @@
<mimetype mimetype="application/x-sv4crc" display="">
<extension>sv4crc</extension>
</mimetype>
<mimetype mimetype="application/vnd.adobe.air-application-installer-package+zip" display="Adobe AIR">
<extension>air</extension>
</mimetype>
<mimetype mimetype="application/x-shockwave-flash" display="Shockwave Flash">
<extension>swf</extension>
</mimetype>