Ignore:
Timestamp:
May 14, 2013, 10:04:33 AM (11 years ago)
Author:
plg
Message:

feature 2899: ability to allow HTML in EXIF/IPTC (disabled by default)

File:
1 edited

Legend:

Unmodified
Added
Removed

  • branches/2.5/include/config_default.inc.php

    r21187 r22660  
    374374  'date_creation' => 'DateTimeOriginal'
    375375  );
     376
     377// allow_html_in_metadata: in case the origin of the photo is unsecure (user
     378// upload), we remove HTML tags to avoid XSS (malicious execution of
     379// javascript)
     380$conf['allow_html_in_metadata'] = false;
    376381
    377382// +-----------------------------------------------------------------------+
Note: See TracChangeset for help on using the changeset viewer.