Since I am firmly in the
expose, don't hide camp, I would like to bring up a
discussion about the fact the nodes on this site
are editable by third parties. Not only can text be added,
but annoying HTML markup and even javascript, which can
be used to grab things that should not be (e.g. cookie
info). How do we limit this? Nobody has a really malicious
home node or post that I know of right now (although some
log you out, which I find really rude), but it would
be fairly easy to create a simple link in a post that
would do Bad Things.
Perhaps we could limit HTML to simple things, like
A, LI, OL, UL, etc. and only allow more advanced and/or
easily abused things like FONT H1 SCRIPT to higher levels?
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.
|
