All,
I havent tested this percieved error completely, as I didnt want to accidentally take down the site. I did notice that when a user types HTML comment tags into the CB, they are not parsed out. I was able to make text dissappar by typing <!-- whoa --> and whoa didnt show up. The CB just had a blank line for my last entry. Looking at the sourcecode of the page shows that the comment tags did show up. If one were to type an opening comment tag (<!--) then one could wipe out all html below the comment line, rendering the page invisible.

Not sure how to fix this without parsing every entered line in the CB, but I just wanted to bring it to someones attention before it became a problem. Also not sure if someone had mentioned it before.
_________________________________________
E-Bitch
Tempora Mutantur Nos et Mutamur in Illis
"The Times are Changed Even as We are Changed in Them"
  • Comment on Error with Chatbox and HTML comment blocks

Replies are listed 'Best First'.
Re: Error with Chatbox and HTML comment blocks
by Zaxo (Archbishop) on Sep 20, 2001 at 06:16 UTC

    Not that big a problem, CB monks know about it and jump in to provide a closing -->. Besides, some CB clients show the comments. They make an entertaining subchannel.

    After Compline,
    Zaxo

[reply]
      Of course you need to do it with a CB client, because otherwise the message field and talk button are hidden in comments :).



      Simon Flack ($code or die)
      $,=reverse'"ro_';s,$,\$,;s,$,lc ref sub{},e;$,
      =~y'_"' ';eval"die";print $_,lc substr$@,0,3;
[reply]

        And you'll always find that back button in your browser to find a page with the textfield still in it.. :)

        He who asks will be a fool for five minutes, but he who doesn't ask will remain a fool for life.

        Chady | http://chady.net/
[reply]
Re: Error with Chatbox and HTML comment blocks
by E-Bitch (Pilgrim) on Sep 20, 2001 at 05:56 UTC
    remove node please (unecessary)
[reply]

Back to Perl Monks Discussion