You are not connected. Please login or register

FMCodes • All-in-one Webmasters community » Miscellaneous » Suggestions & Feedbacks » Refused Suggestions » HTML Vulnerability

HTML Vulnerability


+3 Niko Sir Chivas тнє ๖ۣۜSнυғғ׆ϵя ツ 7 posters

#1 - Posted Tue Jun 05, 2012 2:31 am

тнє ๖ۣۜSнυғғ׆ϵя ツ

I'm a new member

Community veteran
You belong to this community since its ancient time

Forum member
Belongs to the community of FMCodes

Posts :

Points :

Hey staff or admin I suggest that the HTML Should be deactivated for Security issues.

The problem is that anyone can put a full HTML page in a thread, and it will work.

If you guys are being ignorant watch this.

http://www.fmcodes.com/t577-the-html-vulnerability#3231

#2 - Posted Tue Jun 05, 2012 2:51 am

Sir Chivas

Community veteran
You belong to this community since its ancient time

Passioned user
You have participated in 50+ different topics, a true fan!

Forumotion expert
This user is an expert with Forumotion free forum hosting

10th Anniversary (Grand Re-open)
Thanks for being part of our grand re-opening

Active Contributor
The user has wrote more than 100 posts and comments

Posts :

Points :

Notice

Hello,

I will pass this up to the Administrators, for further discussions and notice.

Also, for the future, please refrain creating multiple identical topics.

#3 - Posted Wed Jun 06, 2012 12:19 am

Niko

Forum Administrator

Team contributor
You have been part of the community team

Community veteran
You belong to this community since its ancient time

Active Contributor
The user has wrote more than 100 posts and comments

Passioned user
You have participated in 50+ different topics, a true fan!

Post lover
You have liked more than 50 posts!

Beta Tester
You have been part of the Beta-Testing team

Forumotion expert
This user is an expert with Forumotion free forum hosting

10th Anniversary (Grand Re-open)
Thanks for being part of our grand re-opening

Merry Christmas 2022
Thanks for having been with us during Christmas season!

Forum Writer
You have opened more than 20 topics on the forum

The Life of the Party
You have made more than 20 members in our community, wow!

Members Guru
You have received more than 50 likes on your posts. Our members really what you have to say!

Posts :

Points :

Hello,

1st. Moved to suggestion forum
2nd. Well, No one has already posted an html code... We will see

Read our Rules Know the staff Introduce yourself

#4 - Posted Wed Jun 06, 2012 4:34 pm

LGforum

Veteran team member

Community veteran
You belong to this community since its ancient time

Forumotion expert
This user is an expert with Forumotion free forum hosting

Team contributor
You have been part of the community team

Very active poster
The user has wrote more than 75 posts

Climbing user
You have participated in 20+ different topics, keep it up!

Posts :

Points :

Really HTML is enabled? Oh dear.

I believe script tags are stripped out of the posts, so there are no script issues.
But here are some things that aren't stripped and would cause issues:

Code:: <div style="position:fixed;top:0px;left:0px;background:#000;width:100%;height:10000px;text-align:center;padding-top:100px">HTML issue, tut tut.</div>

Code:: <style>body { display: none }</style>

Or I wonder if Iframes work?
Oh my god they do... so thats the script issue brought back immediately. You should disable HTML... or I'll start demonstrating live, the potential issues. nonIo

#5 - Posted Sun Jun 10, 2012 5:42 pm

LGforum

Veteran team member

Community veteran
You belong to this community since its ancient time

Forumotion expert
This user is an expert with Forumotion free forum hosting

Team contributor
You have been part of the community team

Very active poster
The user has wrote more than 75 posts

Climbing user
You have participated in 20+ different topics, keep it up!

Posts :

Points :

I notice HTML is still enabled.
This is a big issue that you need to sort. Luckily most browsers have security systems in place to prevent such things, but most still don't.

#6 - Posted Sun Jun 10, 2012 5:51 pm

Guest

Guest

We'll try to disable it. But we have to change every single tutorial and Information topic. nonIo

#7 - Posted Mon Jun 11, 2012 5:58 pm

Niko

Forum Administrator

Team contributor
You have been part of the community team

Community veteran
You belong to this community since its ancient time

Active Contributor
The user has wrote more than 100 posts and comments

Passioned user
You have participated in 50+ different topics, a true fan!

Post lover
You have liked more than 50 posts!

Beta Tester
You have been part of the Beta-Testing team

Forumotion expert
This user is an expert with Forumotion free forum hosting

10th Anniversary (Grand Re-open)
Thanks for being part of our grand re-opening

Merry Christmas 2022
Thanks for having been with us during Christmas season!

Forum Writer
You have opened more than 20 topics on the forum

The Life of the Party
You have made more than 20 members in our community, wow!

Members Guru
You have received more than 50 likes on your posts. Our members really what you have to say!

Posts :

Points :

Mathias wrote:We'll try to disable it. But we have to change every single tutorial and Information topic.

As Mathias said... Our topics works on html: If we uneable it, we are a terrible forum ;(

Read our Rules Know the staff Introduce yourself

#8 - Posted Mon Jun 11, 2012 8:53 pm

LGforum

Veteran team member

Community veteran
You belong to this community since its ancient time

Forumotion expert
This user is an expert with Forumotion free forum hosting

Team contributor
You have been part of the community team

Very active poster
The user has wrote more than 75 posts

Climbing user
You have participated in 20+ different topics, keep it up!

Posts :

Points :

What a bad idea.

You'll see your last post in this topic is hidden. Its hidden with css within this post. One major flaw. Thats just an example.

#9 - Posted Wed Jul 25, 2012 12:03 pm

Nathan

Veteran team member

Community veteran
You belong to this community since its ancient time

Active Contributor
The user has wrote more than 100 posts and comments

Friendly user
You have added many community members as friends!

Passioned user
You have participated in 50+ different topics, a true fan!

Team contributor
You have been part of the community team

Posts :

Points :

very bad idea i think users using some intermediate scripts will risk our view with some great and powerfull scripts

#10 - Posted Wed Jul 25, 2012 11:40 pm

Nathan

Veteran team member

Community veteran
You belong to this community since its ancient time

Active Contributor
The user has wrote more than 100 posts and comments

Friendly user
You have added many community members as friends!

Passioned user
You have participated in 50+ different topics, a true fan!

Team contributor
You have been part of the community team

Posts :

Points :

about that i think i have suggestion for this forum on here
It's a teamwork! We need a temwork!
first i think all staff members need to generate all the html to bb codes and the members
so then i-lgforum-chris-dans and other staff members reposting the original BBcode
third
All request from members and topics edit is on some PM so Luky pm shouldn't be inactive
Fourth change all the codes of this forum prefectly with bbcodes
and then all of users must doesn't use html and only staff are able to use it okay?
:birra:

Great idea? yes

:B):

:<3:

#11 - Posted Sun Jul 29, 2012 8:57 pm

Ryan

Community veteran
You belong to this community since its ancient time

Forum member
Belongs to the community of FMCodes

Posts :

Points :

#12 - Posted Mon Jul 30, 2012 11:06 pm

Nathan

Veteran team member

Community veteran
You belong to this community since its ancient time

Active Contributor
The user has wrote more than 100 posts and comments

Friendly user
You have added many community members as friends!

Passioned user
You have participated in 50+ different topics, a true fan!

Team contributor
You have been part of the community team

Posts :

Points :

Ryan wrote:

ow don't post an iframe dude

#13 - Posted Sun Feb 23, 2014 12:51 am

Hancki

I'm a new member

Community veteran
You belong to this community since its ancient time

Forum member
Belongs to the community of FMCodes

Posts :

Points :

This could be a real problem! :/

Don't allow HTML, it can be a problem!

HTML Vulnerability

Topic Actions

Sponsored

Log in

Become Partner

Latest topics

Top posting users this month

Premium Affiliates