[Vtigercrm-developers] Iframe removed in Homepage Notebook Widget
Nicolas Larcipretti
niclarcipretti at gmail.com
Thu Sep 15 05:11:13 PDT 2011
Gérald,
Think twice before removing this from your Vtiger's installation, it opens a
security breach in your system that can cause lot's of trouble to your
company.
Read more about it here: http://en.wikipedia.org/wiki/Cross-site_scripting
Cheers
Nicolas
2011/9/15 Asha <asha at vtiger.com>
> Yes. It is added to avoid XSS attack.
>
> 2011/9/15 "Hébergement, paramétrage et formation VTIGER CRM" <
> webmaster at bigotconsulting.fr>
>
>> I found it :
>>
>> vtlib_purify removed iframe.
>>
>>
>>
>> Hello there,
>>
>> With Vtiger 5.1, we could insert <iframe> in notebook code.
>> With 5.2.1, this code is automatically removed.
>>
>> Where could I authorize it ?
>>
>> Thank's.
>> Gérald.
>>
>>
>> _______________________________________________
>> http://www.vtiger.com/
>>
>
>
>
> --
> Regards,
> Asha
> vtiger Team
>
> *Connect with us on: *Twitter <http://twitter.com/#%21/vtigercrm> *I*
> Facebook <http://www.facebook.com/pages/vtiger/226866697333578?sk=wall> *I
> * Blog <http://blog.vtiger.com/>* I* Wiki<http://wiki.vtiger.com/index.php/Main_Page>
> *I *Forums <http://forums.vtiger.com/>*I* Website <http://vtiger.com/>
>
>
> _______________________________________________
> http://www.vtiger.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20110915/cedc1b2f/attachment-0002.html
More information about the vtigercrm-developers
mailing list