Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister
 
PerlMonks  

Re: Re: (nrd) Filtering potentially dangerous URI schemas in <a href="...">

by IlyaM (Parson)
on Oct 20, 2002 at 13:57 UTC ( #206651=note: print w/replies, xml ) Need Help??


in reply to Re: (nrd) Filtering potentially dangerous URI schemas in <a href="...">
in thread Filtering potentially dangerous URI schemas in <a href="...">

I don't like JavaScript, but it does have some useful and entertaining uses.

Sure it has legimate uses. The problem is that allowing third party to put arbitrary javascript code on a web site is insecure. It is called Cross Site Scripting.

I'd like to suggest that if any sort of link filtering were to be done on Perl Monks, let it be the removal of onLoad and onUnload JavaScript actions.

IIRC filtering of these and similar attributes is already implemented.

--
Ilya Martynov, ilya@iponweb.net
CTO IPonWEB (UK) Ltd
Quality Perl Programming and Unix Support UK managed @ offshore prices - http://www.iponweb.net
Personal website - http://martynov.org

  • Comment on Re: Re: (nrd) Filtering potentially dangerous URI schemas in <a href="...">

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://206651]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others rifling through the Monastery: (2)
As of 2022-12-06 20:02 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found

    Notices?