Extension talk:AllowAnchorTags

Aren't there potential XSS vulnerabilities opened by this extension? Jean-Lou Dupont 21:53, 9 April 2007 (UTC)
 * indeed - a) be failing to escape user input, and b) by design through javascript: urls. -- Duesentrieb ⇌ 23:06, 9 April 2007 (UTC)

I can't get the target attribute to the URL to work. Also the script is available at ...esnips.com link is broken.

-- 20080709 BEGIN-- The closing ?> was missing from the end of the php file. The addAnchorTag function didn't have a return statment, which caused an error, so I added 'return true;' The tar.gz file needs to be updated, as it doesn't contain these changes, nor does it contain the $wgExtensionCredits section at the top of AllowAnchorTags.php. -- 20080709 END --