Loading...
 
Features / Usability

Features / Usability


Re: HTML in a Wiki Page.

United Kingdom

In a wiki environment allowing HTML is a very dangerous option. You should convert all the HTML code to wiki syntax or write some wiki-plugins to generate your HTML forms.

Why is this dangerous?

Well I could post a img src based JS attack on your site. to give me the contents of the tiki login cookie, and then use that data to gain control of the TikiWiki site.

You should always disable HTML on the wiki, and convert anything HTML to use wiki-syntax and wiki-plugins.

Damian
Damosoft - TikiWiki Development Services

Upcoming Events

No records to display

Why Register?

Register at tiki.org and you'll be able to use the account at any *.tiki.org site, thanks to the InterTiki feature. A valid email address is required to receive site notifications and occasional newsletters. You can opt out of these items at any time.