Re: HTML in a Wiki Page.

Features / Usability

Forum List Topic List

Re: HTML in a Wiki Page.

Posted by Damian Parker 09 Nov 2004 01:42 GMT-0000 posts: 2881 United Kingdom

In a wiki environment allowing HTML is a very dangerous option. You should convert all the HTML code to wiki syntax or write some wiki-plugins to generate your HTML forms.

Why is this dangerous?

Well I could post a img src based JS attack on your site. to give me the contents of the tiki login cookie, and then use that data to gain control of the TikiWiki site.

You should always disable HTML on the wiki, and convert anything HTML to use wiki-syntax and wiki-plugins.

Damian
Damosoft - TikiWiki Development Services

Reads: 491

Link

There are no comments at this time.

Jump to forum:

Upcoming Events

1)	16 May 2024 14:00 GMT-0000 Tiki Roundtable Meeting
2)	20 Jun 2024 14:00 GMT-0000 Tiki Roundtable Meeting
3)	18 Jul 2024 14:00 GMT-0000 Tiki Roundtable Meeting
4)	15 Aug 2024 14:00 GMT-0000 Tiki Roundtable Meeting
5)	19 Sep 2024 14:00 GMT-0000 Tiki Roundtable Meeting
6)	08 Oct 2024 Tiki birthday
7)	17 Oct 2024 14:00 GMT-0000 Tiki Roundtable Meeting
8)	21 Nov 2024 14:00 GMT-0000 Tiki Roundtable Meeting
9)	19 Dec 2024 14:00 GMT-0000 Tiki Roundtable Meeting

Latest Page Changes

...more

Features / Usability