It seems that alot of forums are too afraid to allow HTML, are people just being paranoid?
md16185
0
Newbie Poster
Recommended Answers
Jump to PostWhy on earh would someone want to open an attachment from a random address???
To find unique goodies.
Jump to PostHere the reasons :
- If it support HTML mean they also support Javascript or VBScript
- Users and affect virus, spyware, trojan
- Mess up the forum, example you post </tr><tr> or something etc...
- more....
Jump to PostIf forums allows HTML then it would be victim of HTML Injection attack also known as Cross Site Scripting.
Basically this attack means, whenever any user creates post then when that post is visible on page and if the HTML is allowed then is would also execute in page.
Now …
Jump to PostYou do realise this thread was almost 5 yeas old...
Jump to PostThanks for your point.
Thread may be old but information can't ..still today lots of people don't know about these issues and lots of new websites contains these security issues.
You may find it out dated but for lot of people it may be informative.
All 21 Replies
server_crash
64
Postaholic
jwenting
1,889
duckman
Team Colleague
moderate_rock48
7
Posting Pro
jwenting
1,889
duckman
Team Colleague
Rashakil Fol
978
Super Senior Demiposter
Team Colleague
Electrohead
jwenting
1,889
duckman
Team Colleague
dlh6213
27
Posting Maven
Team Colleague
Rashakil Fol
978
Super Senior Demiposter
Team Colleague
server_crash
64
Postaholic
dlh6213
27
Posting Maven
Team Colleague
jwenting
1,889
duckman
Team Colleague
server_crash
64
Postaholic
dlh6213
27
Posting Maven
Team Colleague
jwenting
1,889
duckman
Team Colleague
invisal
381
Search and Destroy
gaurang4
1
Newbie Poster
Will Gresham
81
Master Poster
gaurang4
1
Newbie Poster
induswebi
0
Newbie Poster
Nick Evan
commented:
spam
+0
Oamaok
0
Newbie Poster
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.