Nick Jenkins wrote:
------------------------------------
{|
| |[ftp://|x||]" onmouseover="alert(document.cookie)">test
------------------------------------
I've tossed in a quick tweak to the table parser to reduce the danger of this;
it'll now attempt to do the || split only outside of tags. The above example
still ends up with bad nesting (not well-formed XML output) but there's nothing
injected into the attribute area.
(It might also make sense to move the table translation several steps up, before
the various link parsing. In theory, we can think of it as a transformation from
one wiki-markup to another wiki-markup bit. Probably we'll want a bigger set of
test cases for tables, however; anyone want to scour the help pages and
infoboxes and such?)
-- brion vibber (brion @ pobox.com)
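
Added example, not part of the original message and not MediaWiki's own code (which is PHP): a Python illustration of splitting a table row on `||` only outside of tags, as the reply describes, next to a plain split for comparison. The function names and the sample row are constructed for illustration.

```python
import re

# A complete tag, or a cell separator. Tags are listed first so that a "||"
# sitting inside a tag is consumed as part of the tag and never seen as a separator.
# Limitation of this simple scanner: a ">" inside a quoted attribute value ends the tag early.
TOKEN = re.compile(r'<[^<>]*>|\|\|')
TAG = re.compile(r'<[^<>]*>')

# Constructed sample row: the first cell holds a tag whose attribute contains "||".
SAMPLE_ROW = 'a <span title="x||y">b</span> || c'


def split_cells_naive(line):
    """Split on every "||", including ones inside tags."""
    return line.split('||')


def split_cells_outside_tags(line):
    """Split on "||" only where it appears outside a complete <...> tag."""
    cells, start = [], 0
    for m in TOKEN.finditer(line):
        if m.group() == '||':
            cells.append(line[start:m.start()])
            start = m.end()
    cells.append(line[start:])
    return cells


def tags_intact(cells):
    """True if no cell is left holding half of a tag (a stray "<" or ">")."""
    return all(not re.search(r'[<>]', TAG.sub('', c)) for c in cells)


if __name__ == '__main__':
    for splitter in (split_cells_naive, split_cells_outside_tags):
        cells = splitter(SAMPLE_ROW)
        print(splitter.__name__, cells, 'tags intact:', tags_intact(cells))
```

The plain split cuts the `<span ...>` tag in two, so the remainder of its attribute text lands in the next cell; the tag-aware split keeps the tag whole.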