EviBlog 1.6 Released

Leave a comment

November 23, 2010 by Alistair Deneys

Today I’ve made a new release of the EviBlog Sitecore shared source module.

Release 1.6 includes the following bug fixes:

  • Comment display on website contains an XSS vulnerability. Used Microsoft’s AntiXSS library to properly escape the content before putting it on page.
  • User comments were being displayed as a single line, removing line breaks entered during comment submission – fixed
  • User comments in the CMS were displayed as a single line text field so authors couldn’t see line breaks from input – fixed
  • If a user entered invalid name characters in their name the module would throw an exception as the comment item name is based on the users name. Filter the input name to make sure valid characters are used or substituted.
    The following new features have also been added:
  • WCF service and client to allow submitting comment from a delivery server back to the authoring server in a multi-server setup.
  • New setting in config include file determines if WCF is to be used or not.
  • Capture comment author’s IP address for auditing.

Nick Wesselman has also made a release of his Youphoria branch which you can read about on his blog over at http://www.techphoria414.com/Blog/EviBlog-Youphoria-Branch.aspx.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


The views expressed on this blog are solely my own and do not necessarily reflect the views of my employer.
%d bloggers like this: