Wednesday, April 30, 2008

Tiny MCE and XSS

Awfully obvious but documented here in case you have a brain-fart like I did.



javascript_include_tag "#{request.protocol}#{request.host}#{request.port_string}/javascripts/tiny_mce/#{RAILS_ENV == 'development' ? 'tiny_mce_src.js' : 'tiny_mce.js'}"

1 comment:

Mark said...

I came across an XSS issue in tiny_mce_src.js when running Fortify. I wonder if there's a fix for it?