http://qs1969.pair.com?node_id=207251


in reply to Re^5: Filtering potentially dangerous URI schemas in <a href="...">
in thread Filtering potentially dangerous URI schemas in <a href="...">

And my client-supplied CSS trumps everything you do on the web site. I wouldn't have every known you'd intended that to be differently colored until it came up. In general this is the "don't communicate solely through color" dictum.

__SIG__ printf "You are here %08x\n", unpack "L!", unpack "P4", pack "L!", B::svref_2object(sub{})->OUTSIDE;

Replies are listed 'Best First'.
Re^7: Filtering potentially dangerous URI schemas in <a href="...">
by Aristotle (Chancellor) on Oct 23, 2002 at 14:38 UTC
    Then how about class="unsafe"? The default could be bold red, with the "unsafe link" text prepended, and usersupplied CSS could style it as desired.

    Makeshifts last the longest.

      Sure you could do a specific CSS class but unless you get all the potential users to add the .unsafe { blah blah } snippet to their CSS configuration then it's a moot point. I'm just thinking that if that went into the site documentation somewhere that it'd be mostly invisible since I don't expect people would notice. That's a guess anyway. I think all I'm reall saying is that you absolutely cannot count on color being available as a device for communication. It's quite obvious that if you prepend some sort of warning text like "Potentially Unsafe Link&lt;a href="mocha:alert('foo!')" &gt;link&lt;/a&gt; that something is going on.

      __SIG__ printf "You are here %08x\n", unpack "L!", unpack "P4", pack "L!", B::svref_2object(sub{})->OUTSIDE;
        If you look back, you'll notice my original proposal did include some text.. :-)

        Makeshifts last the longest.