[Mailman3-dev] Mailman Design
Aaron Schaap
dev at elevatorup.com
Fri Apr 9 08:48:16 EDT 2004
> That's not a bad idea. Editing CSS should be harmless, right? I mean
> is there the equivalent of cross-site scripting exploits possible if all
> you give is the ability to edit CSS?
Using CSS is probably the safest and easiest way. No exploits that I know
of. If anything, someone can even write up their own look and feel that
could over ride a list look but it would only be viewable that person's
browser.
Put something like <body id="<mailman-name>"> and allow a user (if they
wanted too) to change anything for their liking.
Other issues however come about - What if a person wants to add a whole
navigation system, or what if they need to add some JavaScript. Maybe, we
could just allow a header and footer to be editable and let people use CSS
for everything else.
-------------------------
Aaron Schaap
Elevator Up - Internet Consulting & Development
Phone: 616-566-1423
Web: www.elevatorup.com
Email: aaron.schaap at elevatorup.com
More information about the Mailman3-Dev
mailing list