No such thing as a small change | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
I don't like JavaScript, but it does have some useful and entertaining uses.
Sure it has legimate uses. The problem is that allowing third party to put arbitrary javascript code on a web site is insecure. It is called Cross Site Scripting. I'd like to suggest that if any sort of link filtering were to be done on Perl Monks, let it be the removal of onLoad and onUnload JavaScript actions. IIRC filtering of these and similar attributes is already implemented.
-- In reply to Re: Re: (nrd) Filtering potentially dangerous URI schemas in <a href="...">
by IlyaM
|
|