diff --git a/conf/defaults.config b/conf/defaults.config index 1264c97aa6..6ba2a8521b 100644 --- a/conf/defaults.config +++ b/conf/defaults.config @@ -979,7 +979,6 @@ $pg{specialPGEnvironmentVars}{problemPostamble} = { TeX => '', HTML=>'' }; # should appear as [qw(Mymodule.pm, Dependency1.pm, Dependency2.pm)] ${pg}{modules} = [ - [qw(HTML::Scrubber)], [qw(HTML::Parser)], [qw(HTML::Entities)], [qw(DynaLoader)], diff --git a/lib/WeBWorK/ContentGenerator/GatewayQuiz.pm b/lib/WeBWorK/ContentGenerator/GatewayQuiz.pm index 413391a151..0c75b4efaf 100644 --- a/lib/WeBWorK/ContentGenerator/GatewayQuiz.pm +++ b/lib/WeBWorK/ContentGenerator/GatewayQuiz.pm @@ -41,7 +41,6 @@ use WeBWorK::Utils::Tasks qw(fake_set fake_set_version fake_problem); use WeBWorK::Debug; use WeBWorK::ContentGenerator::Instructor qw(assignSetVersionToUser); use PGrandom; -use HTML::Scrubber; # template method sub templateName { @@ -1010,27 +1009,6 @@ sub pre_header_initialize { my $formFields = { WeBWorK::Form->new_from_paramable($r)->Vars }; - ##### scrub answer fields for xss badness ##### - my $scrubber = HTML::Scrubber->new( - default=> 1, - script => 0, - process => 0, - comment => 0 - ); - foreach my $key (keys %$formFields) { - if ($key =~ /AnSwEr/) { - $formFields->{$key} = $scrubber->scrub( - (defined $formFields->{$key})? $formFields->{$key}:'' # using // would be more elegant but breaks perl 5.8.x - ); - ### HTML::scrubber is a little too enthusiastic about - ### removing > and < so we have to add them back in otherwise - ### they confuse pg - $formFields->{$key} =~ s/</{$key} =~ s/>/>/g; - } - } - - $self->{displayMode} = $displayMode; $self->{redisplay} = $redisplay; $self->{submitAnswers} = $submitAnswers; diff --git a/lib/WeBWorK/ContentGenerator/Instructor/ProblemGrader.pm b/lib/WeBWorK/ContentGenerator/Instructor/ProblemGrader.pm index e849ce9b0a..7fba50364b 100644 --- a/lib/WeBWorK/ContentGenerator/Instructor/ProblemGrader.pm +++ b/lib/WeBWorK/ContentGenerator/Instructor/ProblemGrader.pm @@ -20,7 +20,6 @@ package WeBWorK::ContentGenerator::Instructor::ProblemGrader; use base qw(WeBWorK::ContentGenerator); use WeBWorK::Utils qw(sortByName ); use WeBWorK::PG; -use HTML::Scrubber; =head1 NAME @@ -130,18 +129,7 @@ sub initialize { #if the instructor added a comment we should save that to the latest answer if ($r->param("$userID.comment")) { - ### $comment needs to be sanitized. It could currently contain badness written - ### into the comment by the instructor - - - my $scrubber = HTML::Scrubber->new( - default=> 1, - script => 0, - process => 0, - comment => 0 - ); - - my $comment = $scrubber->scrub( ( defined $r->param("$userID.comment") )?$r->param("$userID.comment"):'' ); + my $comment = $r->param("$userID.comment"); my $userPastAnswerID = $db->latestProblemPastAnswer($courseName, $userID, $setID, $problemID); if ($userPastAnswerID) { diff --git a/lib/WeBWorK/ContentGenerator/Problem.pm b/lib/WeBWorK/ContentGenerator/Problem.pm index 310cae9aa7..6c11f1b719 100644 --- a/lib/WeBWorK/ContentGenerator/Problem.pm +++ b/lib/WeBWorK/ContentGenerator/Problem.pm @@ -42,7 +42,6 @@ use URI::Escape; use WeBWorK::Localize; use WeBWorK::Utils::Tasks qw(fake_set fake_problem); use WeBWorK::AchievementEvaluator; -use HTML::Scrubber; ################################################################################ # CGI param interface to this module (up-to-date as of v1.153) @@ -723,26 +722,7 @@ sub pre_header_initialize { $formFields->{$_} = $oldAnswers{$_} foreach keys %oldAnswers; } - ##### scrub answer fields for xss badness ##### - my $scrubber = HTML::Scrubber->new( - default=> 1, - script => 0, - process => 0, - comment => 0 - ); - foreach my $key (keys %$formFields) { - if ($key =~ /AnSwEr/) { - $formFields->{$key} = $scrubber->scrub( - (defined $formFields->{$key})? $formFields->{$key}:'' # using // would be more elegant but breaks perl 5.8.x - ); - ### HTML::scrubber is a little too enthusiastic about - ### removing > and < so we have to add them back in otherwise - ### they confuse pg - $formFields->{$key} =~ s/</{$key} =~ s/>/>/g; - } - } - + ##### translation ##### debug("begin pg processing"); diff --git a/lib/WeBWorK/Localize/en.po b/lib/WeBWorK/Localize/en.po index 77fce7a62f..68ffb4b443 100644 --- a/lib/WeBWorK/Localize/en.po +++ b/lib/WeBWorK/Localize/en.po @@ -45,7 +45,7 @@ msgstr "Prev" # msgid "navProbListGrey" -msgstr "tr: Up" +msgstr "Up" # msgid "navNextGrey" diff --git a/lib/WeBWorK/Localize/en_us.po b/lib/WeBWorK/Localize/en_us.po index 22972376a0..c7d08893b3 100644 --- a/lib/WeBWorK/Localize/en_us.po +++ b/lib/WeBWorK/Localize/en_us.po @@ -33,7 +33,7 @@ msgstr "Prev" # msgid "navProbListGrey" -msgstr "tr: Up" +msgstr "Up" # msgid "navNextGrey"