RE: HTML tags to be filtered out

Others that pop into my mind:

What about embedded javascript things such as onMouseOver? You can embed some stuff right in the tag itself without using the SCRIPT tag...

Comment on RE: HTML tags to be filtered out

Replies are listed 'Best First'.
RE: RE: HTML tags to be filtered out by KM (Priest) on Aug 23, 2000 at 20:35 UTC
Although I don't disagree with taking things like IMG and BLINK away, I think a good starting point is with tags that may pose a security concern, which are keeping in line with things vroom originally listed. Cheers, KM	[reply]
RE: RE: RE: HTML tags to be filtered out by turnstep (Parson) on Aug 23, 2000 at 20:39 UTC
Actually, I'm starting to lean towards chromatic's option of "Exclude Everything, Allow Explicit". However, TT must stay!! (actually, all text markup should stay, with the possible exception of FONT and H?)	[reply]
RE (tilly) 4: HTML tags to be filtered out by tilly (Archbishop) on Aug 23, 2000 at 21:48 UTC
Actually what chromatic said was just standard security advice. As I mentioned at RE: HTML tags to be filtered out well over a dozen nodes before RE: HTML tags to be filtered out. But I absolutely agree that TT is an important one to have. EDIT At the moment linking by id seems broken! The two links above are nodes 29231 (me) and 29249 (chromatic). :-(	[reply]