[Scoop-help] HTML in story titles

Thu Aug 17 22:49:06 PDT 2006

I'm assuming you mean that editors can add the HTML after story  
submission, and not just anybody.

It's possible that editors can bypass the normal filters when editing  
a story that already exists. If so, that sounds like a bug, because  
fields should be filtered appropriately every time they're changed,  
even if an editor is making the change.

I don't think there would be any security issues with allowing html  
in the title, at least none beyond allowing html anywhere. Titles  
tend to be short and formatted in a specific way on the page,  
however, and are also used in the browser's title bar (which doesn't  
allow html formatting).

-janra

On 17-Aug-06, at 7:58 AM, Chris Schults wrote:

> When a contributor first submits a post, any HTML in the story  
> title is removed. But after the story is published, the titled can  
> be edited and HTML added.
>
> First, I guess I should ask if this is normal behavior? If so, is  
> there a reason why Scoop strips out the HTML? Would there be any  
> issues allowing HTML during the initial story submission? I'm  
> thinking there might be a concern with malicious code.
>
> Chris
>
> On Wed, 16 Aug 2006 17:39:21 -0700
>  janra at write-on.org wrote:
>> What do you mean, exactly?
>> -janra
>> On 16-Aug-06, at 1:10 PM, Chris Schults wrote:
>>> Is there a reason why HTML tags are not allowed in a story title   
>>> before a
>>> story is published, but are okay afterwards?
>>>
>>> Chris
>>>
>>> --------------------------
>>>
>>> Chris Schults
>>> Web Production Manager
>>> Grist Magazine
>>> 710 Second Avenue, Suite 860
>>> Seattle, WA  98104
>>> Phone: 206-876-2020, ext. 204
>>> Fax: 253-423-6487
>>> <http://www.grist.org>
>>>
>>> To sign up for Grist by email, the world's top environmental  
>>> news  served up
>>> with a sense of humor, click here <http://www.grist.org/signup/>  
>>> or  send a
>>> blank email message to <daily-grist-subscribe at lists.grist.org>
>>>
>>> _______________________________________________
>>> Scoop-help mailing list
>>> Scoop-help at lists.kuro5hin.org
>>> http://lists.kuro5hin.org/mailman/listinfo/scoop-help
>
> _______________________________________________
> Scoop-help mailing list
> Scoop-help at lists.kuro5hin.org
> http://lists.kuro5hin.org/mailman/listinfo/scoop-help