Re: Bug#220779: ITP: zope-epoz -- Cross-browser-wysiwyg-editor for Zope
On Fri, 21 Nov 2003 14:52:44 +0100 (CET)
Andreas Tille <tillea@rki.de> wrote:
> On Fri, 21 Nov 2003, Henning Makholm wrote:
>
> > > Browsers which support rich text controls (for example, Mozilla)
> > > are required to use Epoz.
> >
> > What on earth does this mean? Will I be taken to court if I write a
> > browser that has a "rich text control" yet does not use your
> > package? Or only if I *install* your package together with my
> > browser? Who exactly is doing this requiring?
> Native English speaker please corret me. The situation is as follows:
>
> If you are using a browser which supports rich text controls
> (current Mozilla, Firebird, Galeon in unstable) than you
> will be able to use the advanced features of zope-epoz which are
> easily to test at the Epoz testpage:
>
> http://mjablonski.freezope.org/epoz/test.html/edit
>
> Just try and see whether your browser works.
>
Look, I know that this is politically incorrect, but it needs to be
said, epoz is not mozilla only. In fact, one of the major attractions
of the package is that it works with recent Microsoft Internet Explorer
(MSIE).
Since this is a package that is aimed at making it easy for clients to
edit text areas - with full WYSIWYG controls - it is important that
administrators know that installing this package can help them with
the most common client.
Also, there may be some concern with the security aspects of permitting
epoz - i.e. cross-site scripting, etc. As far as I can tell, epoz
actually is more secure than allowing a textarea and trying to verify
it. In any case, it is worth serious thought, and one way or the other,
security aspects should probably be part of this long description.
Jim Penny
Reply to: