instead of using the agreed upon implementation, one of the java guys put in a "global solution" to escape all < and > in url and form scope

which we made him roll back because admins need to enter html and that screws up the admins' html

so he reluctantly rolled it back...

and today he put in a fix that if < or > is found in cgi.query_string to abort processing

so now, if a user tries to enter html, they will get a blank page

and so will the admin

and my last bug is to set the system up to save the field where the admin is basically required to enter HTML

so the bug report will basically be: you remember bug n? Your fix for bug m has more bad impact than n but is basically the same

and that is now a blocker on bug o

BUH BYE