Mercurial > urweb
diff lib/ur/basis.urs @ 1710:540df112ff62
Remove string-valued style attribute, which may allow injection attacks
author | Adam Chlipala <adam@chlipala.net> |
---|---|
date | Sun, 15 Apr 2012 12:40:53 -0400 |
parents | 4600cc5e335c |
children | f9e5a8e09cdf |
line wrap: on
line diff
--- a/lib/ur/basis.urs Wed Apr 11 03:03:19 2012 +0400 +++ b/lib/ur/basis.urs Sun Apr 15 12:40:53 2012 -0400 @@ -743,7 +743,7 @@ con boxEvents = focusEvents ++ mouseEvents ++ keyEvents ++ resizeEvents ++ scrollEvents con tableEvents = focusEvents ++ mouseEvents ++ keyEvents -con boxAttrs = [Id = id, Title = string, Style = string] ++ boxEvents +con boxAttrs = [Id = id, Title = string] ++ boxEvents con tableAttrs = [Id = id, Title = string] ++ tableEvents val span : bodyTag boxAttrs