[Taginfo-dev] Updates
Jochen Topf
jochen at remote.org
Mon May 27 18:10:39 UTC 2013
Hi!
Today I pushed a few changes to taginfo:
* Added a missing HTML escape in the display of search results. This
could lead to HTML code from tags appearing in search results. On
many web sites this kind of issue (cross side scripting) can be very
problematic, because you can steal sessions or user data this way.
As we don't have this in taginfo, it is not that big a deal here, but
you should update anyway.
https://github.com/joto/taginfo/issues/29
* I made two settings for "interesting tags" and "interesting relation types"
configurable in taginfo-config.json. See the provided example file. This
is interesting for those people running their own sites who previously
had to edit some .sql files.
* I retired the "merkaartor" source. This editor is not maintained any
more and, anyway, the data was never used in taginfo really. If you
have "merkaartor" in your sources.download or sources.create options
in taginfo-config.json, remove it.
Jochen
--
Jochen Topf jochen at remote.org http://www.jochentopf.com/ +49-721-388298
More information about the Taginfo-dev
mailing list