EPrints Technical Mailing List Archive
Message: #03116
< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First
[EP-tech] Re: Sanitising output
- To: "eprints-tech@ecs.soton.ac.uk" <eprints-tech@ecs.soton.ac.uk>
- Subject: [EP-tech] Re: Sanitising output
- From: Andrew Beeken <anbeeken@lincoln.ac.uk>
- Date: Thu, 5 Jun 2014 15:30:25 +0000
Further to this, I¹ve done some digging and the specific issue seems to be in the XML output where the unclosed <meta> tags are causing issues for importers. On 05/06/2014 12:46, "Andrew Beeken" <anbeeken@lincoln.ac.uk> wrote: >Hello! > >We have a couple of records which have html tags included in the abstract >and Additional Information fields. The problem we have with this is that >EPrints does not seem to be sanitising the output here so these are being >rendered as tags in the source code. At the moment the tags are <meta> >which is only causing issues when we try and parse the page, however we >cannot assume that someone isn¹t going to use a tag that could >potentially mess up the layout like <div> or even something as simple as ><strong>. > >My question; should the outputs be sanitised and, if so, what¹s the >likely issue here? If not, is there a plugin or recommended method to do >this? > >Andrew > >The University of Lincoln, located in the heart of the city of Lincoln, >has established an international reputation based on high student >satisfaction, excellent graduate employment and world-class research. > >The information in this e-mail and any attachments may be confidential. >If you have received this email in error please notify the sender >immediately and remove it from your system. Do not disclose the contents >to another person or take copies. > >Email is not secure and may contain viruses. The University of Lincoln >makes every effort to ensure email is sent without viruses, but cannot >guarantee this and recommends recipients take appropriate precautions. > >The University may monitor email traffic data and content in accordance >with its policies and English law. Further information can be found at: >http://www.lincoln.ac.uk/legal. > >*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech >*** Archive: http://www.eprints.org/tech.php/ >*** EPrints community wiki: http://wiki.eprints.org/ >*** EPrints developers Forum: http://forum.eprints.org/
- Prev by Date: [EP-tech] Re: Uncontrolled keywords.
- Next by Date: [EP-tech] Re: IRStats2 decimal symbol
- Previous by thread: [EP-tech] Sanitising output
- Next by thread: [EP-tech] Default email address for requests
- Index(es):