XSS protection in the web interface went too far in escaping HTML

entities. Fixed.
author: Mark Sapiro <mark@msapiro.net> 2009-08-01 12:22:34 -0700
committer: Mark Sapiro <mark@msapiro.net> 2009-08-01 12:22:34 -0700
commit: fdfee4b34c818c410dd586e86ab1dad99c2a5f4c (patch)
tree: 3e7a392c2cbb093c58f9cbca14338ac6939d8e68 /NEWS
parent: 205504d8f729af4a948ad7a3c9636939dbdc00b9 (diff)
download: mailman2-fdfee4b34c818c410dd586e86ab1dad99c2a5f4c.tar.gz
mailman2-fdfee4b34c818c410dd586e86ab1dad99c2a5f4c.tar.xz
mailman2-fdfee4b34c818c410dd586e86ab1dad99c2a5f4c.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 477a81f0..47bc5f73 100644
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,9 @@ Here is a history of user visible changes to Mailman.
 
   Bug Fixes and other patches
 
+    - XSS protection in the web interface went too far in escaping HTML
+      entities.  Fixed.
+
     - Removed or anonymized additional headers in posts to anonymous lists.
 
     - Fixed a bug that could cause incorrect threading of replies to archived
author	Mark Sapiro <mark@msapiro.net>	2009-08-01 12:22:34 -0700
committer	Mark Sapiro <mark@msapiro.net>	2009-08-01 12:22:34 -0700
commit	fdfee4b34c818c410dd586e86ab1dad99c2a5f4c (patch)
tree	3e7a392c2cbb093c58f9cbca14338ac6939d8e68 /NEWS
parent	205504d8f729af4a948ad7a3c9636939dbdc00b9 (diff)
download	mailman2-fdfee4b34c818c410dd586e86ab1dad99c2a5f4c.tar.gz mailman2-fdfee4b34c818c410dd586e86ab1dad99c2a5f4c.tar.xz mailman2-fdfee4b34c818c410dd586e86ab1dad99c2a5f4c.zip