Re: Re: (nrd) Filtering potentially dangerous URI schemas in <a href="...">


Perl Monk, Perl Meditation
	PerlMonks

Re: Re: (nrd) Filtering potentially dangerous URI schemas in <a href="...">

by IlyaM (Parson)

on Oct 20, 2002 at 13:57 UTC ( [id://206651]=note: print w/replies, xml )

Need Help??

in reply to Re: (nrd) Filtering potentially dangerous URI schemas in <a href="...">
in thread Filtering potentially dangerous URI schemas in <a href="...">

I don't like JavaScript, but it does have some useful and entertaining uses.

Sure it has legimate uses. The problem is that allowing third party to put arbitrary javascript code on a web site is insecure. It is called Cross Site Scripting.

I'd like to suggest that if any sort of link filtering were to be done on Perl Monks, let it be the removal of onLoad and onUnload JavaScript actions.

IIRC filtering of these and similar attributes is already implemented.

--
Ilya Martynov, ilya@iponweb.net
CTO IPonWEB (UK) Ltd
Quality Perl Programming and Unix Support UK managed @ offshore prices - http://www.iponweb.net
Personal website - http://martynov.org

Comment on Re: Re: (nrd) Filtering potentially dangerous URI schemas in <a href="...">

In Section Perl Monks Discussion

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://206651]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others browsing the Monastery: (2)

As of 2024-04-24 23:26 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found