| Author | Nurlan |
| Date | 2005-06-27 14:02 |
| Posts: |  Bug in OPN - users can hack OPN, It can be used in forum, guestbook, shoutbox and other modules, in which they can use HTML tags.
See test of this Bug here. www.tamga.info |
| Author | Nurlan |
| Date | 2005-06-27 14:02 |
| Posts: | Bug in OPN - users can hack OPN, It can be used in forum, guestbook, shoutbox and other modules, in which they can use HTML tags.
See test of this Bug here. www.tamga.info |
| Author | hombergs |
| Date | 2005-06-27 17:53 |
| Posts: | This happens when you activate all attributes for the tag in Settings HTML.
Cause then OPN will allow all attributes for this tag. Maybe we should deactivate the JavaScript attributes. H.O.M.B.E.R.G.S.: Hydraulic Obedient Machine Built for Efficient Repair and Galactic Sabotage  There are no problems, only defiances.  |
| Author | hombergs |
| Date | 2005-06-27 18:25 |
| Posts: | With Revison 3583 the HTML Settings has a new setting. Only Tag, All Attributes and All Attributes (Including JavaScript Events). When only All Attributes is selected OPN will filter out the onerror and onload event.
When you have more events to filter, please tell us this events. We will implement this events in the filter. H.O.M.B.E.R.G.S.: Hydraulic Obedient Machine Built for Efficient Repair and Galactic Sabotage There are no problems, only defiances. [ This message was edited by: hombergs on 2005-06-27 18:29 (Original date 2005-06-27 18:25) ] |
| Author | hombergs |
| Date | 2005-06-27 19:32 |
| Posts: | With Revision 3584n the filtering of the JavaScript events are made by a preg_replace call.
OPN filters now 19 known Events at the moment. H.O.M.B.E.R.G.S.: Hydraulic Obedient Machine Built for Efficient Repair and Galactic Sabotage There are no problems, only defiances. |
 Print this page
 Close this page
|
This article comes from OpenPHPnuke International Support |
| http://www.openphpnuke.com/ |