Problem with Public version View when HTML code was embedded in the Note field

If I pasted the html code in the Note edit box, that it displays correctly everywhere except the "Public version View".
See for example http://gpsloglabs.com/share/711bb9a2a7f6971819ba068699cffbc360662285/
It would be nice to fix this because it's the only way to give access to some photo/video along with the track.

Vladimir , 29.08.2015, 15:55

Response from the site administrator

tompaton, 01.09.2015

Unfortunately allowing that code to be included poses a security risk, see https://en.wikipedia.org/wiki/Cross-site_scripting

It really shouldn't be allowed in the "private" activity pages either, but in those cases the risk is minimal as you can only "attack" yourself.

If you want to combine GPS data with photos etc. you will need to embed the maps and graphs into a blog or other website that will also allow including the photos and videos.

For more information, see http://blog.gpsloglabs.com/posts/embedding-maps-and-graphs-in-your-site.html

Idea status: rejected

Comments

Login
Password		Forgot your password?
	Remember me
	Sign in

Login		Use 3 to 18 characters, Latin characters or numbers	This login is not availableThis login is available
e-mail
Password		Use 3 to 18 characters, Latin characters or numbers
Re-type password
	Remember me

	Sign up


E-mail

Problem with Public version View when HTML code was embedded in the Note field

Comments

Leave a comment