#170 new
Walter McGinnis

Add Sanitizing to Harvesting of Embedded Metadata

Reported by Walter McGinnis | February 28th, 2009 @ 10:44 AM

lib/embedded will simply assign an item's extended field value to what is in the metadata contained within the uploaded file in question (if things are enabled and configured).

We want to disallow embedded values from having Javascript or unwhitelisted HTML as we do with the description attribute.

It should be fairly straightforward to add a call to sanitizer before assigning the value.

Comments and changes to this ticket

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Kete was developed by Horowhenua Library Trust and Katipo Communications Ltd. to build a digital library of Horowhenua material.

People watching this ticket