Results 1 to 10 of 10

Why isn't HTML allowed? Just wondering.

This is a discussion on Why isn't HTML allowed? Just wondering. within the Feedback forums, part of the General category; I was just wondering why html isn't allowed in the posts. If it was would bad code cause problems with ...
Page: 1


  1. #1
    Nosferatu_Incognito
    Guest

    Default Why isn't HTML allowed? Just wondering.

    I was just wondering why html isn't allowed in the posts. If it was would bad code cause problems with loading the page?

    I'd love to be able to setup a sig pic as a link (or anthying else my html skills allow me to do).

  2. #2
    Hypnos
    Guest

    Default

    You can make a sig pic as a link.

    Code:
    Leaving HTML enabled can be a security risk for forums with a lot of members, like this one. That's why it's off by default.

  3. #3
    Nosferatu_Incognito
    Guest

    Default

    Ok see when I tried it I did

    and it didn't work, I got "link" no space "img"

    Thanks.

  4. #4
    Hypnos
    Guest

    Default

    Look closer at my code. Use = on the url tag.

    This is the result of the code:

  5. #5
    Nosferatu_Incognito
    Guest

    Default

    Ok, something still isn't right...

    http://www.ko4life.com/forums/viewtopic.ph...p?p=40818#40818

    here is the code

    Code:
    Ok, a few people have been jacking the +8 siggy pic off my server... So I've changed the pic name. Sorry to those of you who were jackin it but I pay for the bandwidth.
    
    
    
    
    
    Edit, here is a link to the pic on imageshack. 
    
    
    
    
    
    
    
    here is the url for copy and paste: img229.imageshack.us/img229/8476/85kh1fh.jpg

  6. #6
    Hypnos
    Guest

    Default

    Is this what you're trying to do?
    Code:
    Result of code:

  7. #7
    Nosferatu_Incognito
    Guest

    Default

    I see what was wrong, I had a space between

    and
    Code:

    Thanks Hypnos

  8. #8
    h4x0r Admin Devile's Avatar
    Join Date
    Mar 2006
    Posts
    2,545

    Default

    As Hyp said, HTML is a huge risk. Eventho we are using the latest version of this forum, there are always new ways of exploiting XSS (Cross Side Scripting) which leads to ppl getting hacked.

    XSS is pretty common and seems like a normal/safe URL but when u click the links, it can send u a totally different site where u can pick virus, cookie grabers, etc.

    Is never safe to enable HTML in forums.

  9. #9
    Protoss Arbiter Senior Member
    Join Date
    Mar 2006
    Location
    California
    Posts
    2,296

    Default

    Originally posted by Devile
    As Hyp said, HTML is a huge risk. Eventho we are using the latest version of this forum, there are always new ways of exploiting XSS (Cross Side Scripting) which leads to ppl getting hacked.

    XSS is pretty common and seems like a normal/safe URL but when u click the links, it can send u a totally different site where u can pick virus, cookie grabers, etc.

    Is never safe to enable HTML in forums.
    It's never safe due to the fact you can embed other sites onto the forum, causing:

    1. HUGE Forum load time.
    2. Possibilitiy of embedding Javascript that can either
    a) steal cookies
    B) modify cookies
    c) implant unwanted code into your computer

    The fact is, once you implant HTML onto a site you don't even have to click on a link - just by visiting a forum it could pose the probability of making your computer a target for a hacking attempt.

  10. #10
    Nosferatu_Incognito
    Guest

    Default

    But, if there was better control over who could post in a forum (like mods Ok'ing pending applicants for a forum I.E. a non-public forum), using html in a forum wouldn't hurt the scripting for the forum itself?

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •