Reply
 
Thread Tools Search this Thread
 
Old 16 March 2004, 18:46   #1
Administrator
 
John Kennett's Avatar
 
Country: UK - England
Town: Brighton
Length: 3m +
Join Date: May 2000
Posts: 6,830
Why it's not good to allow HTML in posts

The question of using HTML in posts has been raised with me by PM, and has also been mentioned on BoatMad . It's possible that other people may also be interested so here are my thoughts . . .

The short answer is that it is a security risk, with a whole range of exploits from the trivial to the malicious. Some more details can be found here

Most things that might require HTML can be achieved using vB code so there's not much to be gained anyway!

John

PS Hi Matt
__________________

__________________
John Kennett is offline   Reply With Quote
Old 16 March 2004, 19:29   #2
Member
 
Country: UK - England
Town: Farnborough
Boat name: Eleven
Make: Arrow
Length: 8m +
Engine: 557cu, 700hp
Join Date: Jul 2003
Posts: 1,255
Hey, I always prefer to code in HTML and try to richen my posts up a bit. But it's not a big deal.
__________________

__________________
Matt is offline   Reply With Quote
Old 17 March 2004, 02:51   #3
Member
 
Richard B's Avatar
 
Country: UK - England
Town: Devon
Boat name: White Ice
Make: Ranieri
Length: 5m +
Engine: Suzuki 115hp
Join Date: Jul 2002
Posts: 5,015
Interesting what happened to the GPS thread on Boatmad...
Richard B is offline   Reply With Quote
Old 17 March 2004, 03:48   #4
Member
 
Country: UK - England
Town: scotland
Boat name: Leviathan
Make: Phantom
Length: 8m +
Engine: GM Diesels
Join Date: Jan 2003
Posts: 1,437
Yes Very! You're a bad boy JK.

(and you'll be punished in due course!)
__________________
Jonny Fuller is offline   Reply With Quote
Old 17 March 2004, 05:00   #5
Administrator
 
John Kennett's Avatar
 
Country: UK - England
Town: Brighton
Length: 3m +
Join Date: May 2000
Posts: 6,830
I was just gently making the point that there are good reasons not to allow HTML in posts.

For those that missed it, I hijacked Matt's GPS thread... on BoatMad and redirected it here

This was just a silly little trick, but other more serious exploits are well documented.

John
__________________
John Kennett is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off





Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 03:34.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.