Welcome To P8ntballer.com
The Home Of European Paintball
Sign Up & Join In

HTML in posts?

John C

John C

Told u So.
Jul 7, 2001
3,764
2
0
Under a pile of boards.
www.spitfirepaintball.co.uk
<marquee>
<h2>
I dunno, why dont you give it a try!!!
</h2>
</marquee>



<a onMouseover="window.status='JavaScript works on P8 Talk'; return true">
Test OnMouseover
</a>


Yeah both seem to work.

I believe it is very dangerous to allow people to put scripts inside forum messages.

Just by reading this message I could make your computer do alot of nasty things.
 
John C

John C

Told u So.
Jul 7, 2001
3,764
2
0
Under a pile of boards.
www.spitfirepaintball.co.uk
Originally posted by Bolter
can you explain what you mean to us noobs please John?
Click to expand...


Javascript is a very powerful scripting language used in websites.

When you hover over the test onMouseOver it displays JavaScript works on P8 Talk in the caption bar at the bottom.

I could just as easily close your browser, bookmark this page or send you to my favorite porn site, all with a couple of words of code.

This could all happen just by reading one of my posts (with JavaScript in it) you wouldnt even need to click a button and you wouldnt even know it was happening.



There are other much worse things you can do which Matty has hinted at.

The most powerful ones require another server to do all the dirty work, but I could easily include a script in a forum message to ensure that everyone who reads my message (with JS enabled) is affected.

I dont want to encourage people so I will not go into details.




Although disabling JavaScript will stop these attacks, it will also reduce many of the features of this forum.
 
stark

stark

New Member
Apr 25, 2003
146
0
0
London, UK
tamber.com
Originally posted by John C

This could all happen just by reading one of my posts (with JavaScript in it) you wouldnt even need to click a button and you wouldnt even know it was happening.

Although disabling JavaScript will stop these attacks, it will also reduce many of the features of this forum.
Click to expand...
JavaScript is mostly benign, the worst it can do is make lots of anoying pop-up windows appear. ActiveX, now there a language with some serious security problems.
 
snowythehobo

snowythehobo

.::UKs Smallest Player::.
Jan 26, 2003
277
0
0
Engaland
www.teamapoc.co.uk
BMP?

Originally posted by Azz3h
Just out of interest - why are all your images as BMP's? Want them redoing as JPG's?
Click to expand...
if your referring to me, then the one image i have in my sig which is a BMP is a BMP because it is better quality than a JPEG... thanks though :rolleyes:
 
You must log in or register to reply here.
Top Bottom