Date: Thu, 09 Jul 2015 08:37:35 -0500 From: Mark Felder <feld@FreeBSD.org> To: Tijl Coosemans <tijl@FreeBSD.org> Cc: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org, wblock@freebsd.org, hrs@freebsd.org Subject: Re: svn commit: r391576 - head/security/vuxml Message-ID: <1436449055.3393221.319434617.216F10F4@webmail.messagingengine.com> In-Reply-To: <20150709150143.22c91137@kalimero.tijl.coosemans.org> References: <201507081705.t68H515b023864@repo.freebsd.org> <20150709150143.22c91137@kalimero.tijl.coosemans.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jul 9, 2015, at 08:01, Tijl Coosemans wrote: > > It's better to mark paragraphs with <p></p> instead of <br/><br/> and > lists can be created with <ul> and <li> instead of ascii art like this: > Thanks for the suggestion. I noticed the formatting was terrible and thought "I should add some <br>, I wonder if anyone else has used that?" and did a search in vuxml for it. I found results and was satisfied with my decision at the time. It looked OK, so I went with it, but by then I had forgotten that I manually added the * to create the fake ascii-art list :-) I realize now that I should have just looked at the page source and copied exactly what they had to keep the formatting identical: <p>We just published updates to both stable versions 1.0 and 1.1 after fixing many minor bugs and adding some security improvements to the 1.1 release branch. Version 1.0.6 comes with cherry-picked fixes from the more recent version to ensure proper long term support especially in regards of security and compatibility.</p> <p>The security-related fixes in particular are:</p> <ul> <li>XSS vulnerability in _mbox argument</li> <li>security improvement in contact photo handling</li> <li>potential info disclosure from temp directory</li> </ul> Hindsight is 20/20 I guess? I've also been talking to wblock about training igor to work nicely with vuxml. It reports a ridiculous amount of violations if you run it against the whole file, but it would be nice to have it identify the newest entry or the VID you supply and give you additional formatting feedback on your entry. Additionally, per my suggestion hrs has a patch to improve the vuxml port which lets you do a "make VID=xxx-xxx-xxx-xxx html" and have it spit out the full vuxml html page so you can view your entry in a browser and ensure you're happy with the layout before committing. I hope this will be beneficial to all contributors.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1436449055.3393221.319434617.216F10F4>