I am a new user of anomy, and so far am very happy with it.
I'm curious to know what the risk is from allowing the HTML tag META
to go through without defanging. I'm finding that nearly all HTML
E-mail messages our users send are being defanged -- exclusively
because of the META tag. The only problem with this is that they
will get used to seeing the sanitizer.log attachment so often, they
will never look at it. I guess there's no harm in that, but it would
be nice if that showed up only when there really was something that
needed defanged, like Javascript or some such.
This may sound naive, but what nasty things are being stuffed into
META?
--- #include <disclaimer.h> Jim Rosenberg Ross Mould 259 S. College St. Washington, PA 15301 (724) 222-7006 x 189 E-mail: 13144@xyz.molar.is