tests/unit/test_utils.py · 866f75292b311ea29c8cbc41018ef136c93689ad · edx / xblock-poll

Removed several security features · 0482f8a1

CMS studio users will be considered trusted from now on. Unfiltered HTML
will be permitted alongside markdown. This does mean that privilege
escalation is easy, as a Javascript snippet could be used to grant
superuser privileges if a superuser visits a page.

committed Dec 30, 2014

0482f8a1

test_utils.py 1.16 KB