We don't bite newbies here... much | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
I wouldn't want them filtered entirely. There are a few legitimate (or at least non-malicious) uses for it. Here's an idea that caters to everyone: add onClick="confirm('This link may be dangerous. Follow anyway?')" to such links. It is unintrusive to those who surf with Javascript disabled too. Although, thinking about it, there may be sensitive browser-specific schemes that work when Javascript is disabled, in which case that would be no good. If that's deemed important to catch, links with non-standard schemes could lead to altered presentation, maybe unsafe link: like this. Makeshifts last the longest. In reply to Re: Filtering potentially dangerous URI schemas in <a href="...">
by Aristotle
|
|