Jump to content

BBCode slideshow anywhere


Yurri

Recommended Posts

  • 6 months later...


Very simple decision... IP Board slideshow anywhere on your IP Suite.

hi, i have tested your bbcode and I see a potential risk of security. the code is like:

<iframe class='bbc' src='http://{content}'  width="640px" height="640px"></iframe>

as far as I think people can enter any url which could contain malicious code or any other html content and you have no control over it.

I assume the least I could do is to change the bbcode to

<iframe class='bbc' src='http://www.mysite.com/gallery/{content}' width="640px" height="640px"></iframe>

and let the people just copy the last part which would be something like this

slideshow/album-8/

or is this still a risk?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...