*Where:* Wiki (General)
*Errors:* None
*Browser:* Irrelevant (Server Side Issue)
*Bug Description*
When user submitted HTML code contains _td_ tags with the _colspan_ or _rowspan_ attributes, those attributes are removed from the code when it is served back to the user in the final page, leading to incorrect table formatting.
*Additional Notes*
While the _colspan_ and _rowspan_ attributes are not listed as allowed, they are basic functionality for formatting tables. Since they only effect the formatting of the element to which they are attached, they pose no risk to security, and minimal risk to presentation compared to existing allowed tags. This seems like an oversight more than anything else.
Comments
*Errors:* None
*Browser:* Irrelevant (Server Side Issue)
*Bug Description*
When user submitted HTML code contains _td_ tags with the _colspan_ or _rowspan_ attributes, those attributes are removed from the code when it is served back to the user in the final page, leading to incorrect table formatting.
*Additional Notes*
While the _colspan_ and _rowspan_ attributes are not listed as allowed, they are basic functionality for formatting tables. Since they only effect the formatting of the element to which they are attached, they pose no risk to security, and minimal risk to presentation compared to existing allowed tags. This seems like an oversight more than anything else.
And…no change since 2009. Pretty indicative of OP in general, really.
bump
~Weasel0
A Parade of Black | ShadowRunHack |
Where I play with CSS code