in reply to Filtering potentially dangerous URI schemas in <a href="...">
I wouldn't want them filtered entirely. There are a few legitimate (or at least non-malicious) uses for it.
Here's an idea that caters to everyone: add onClick="confirm('This link may be dangerous. Follow anyway?')" to such links. It is unintrusive to those who surf with Javascript disabled too.
Although, thinking about it, there may be sensitive browser-specific schemes that work when Javascript is disabled, in which case that would be no good. If that's deemed important to catch, links with non-standard schemes could lead to altered presentation, maybe unsafe link: like this.
Makeshifts last the longest.
|
---|
Replies are listed 'Best First'. | |
---|---|
Re: Re: Filtering potentially dangerous URI schemas in <a href="...">
by moxliukas (Curate) on Oct 20, 2002 at 23:11 UTC | |
by Aristotle (Chancellor) on Oct 20, 2002 at 23:18 UTC | |
by particle (Vicar) on Oct 20, 2002 at 23:53 UTC | |
by Aristotle (Chancellor) on Oct 21, 2002 at 00:00 UTC | |
by diotalevi (Canon) on Oct 23, 2002 at 01:16 UTC | |
|
In Section
Perl Monks Discussion