Signature Woes

  Post new topicReply to topicPrintable Version
<< View previous topic View next topic >>
Share: Del.icio.us  Digg  Google  Spurl  Blink  Furl  Y! MyWeb  
#1   Signature Woes
Father
CZ Newbie
Father has been a member for over 19 year's 19 Year Member
Gender: Male
Status: Offline
Joined: Dec 16, 2004
0.00 posts per day
Posts: 13
Points: 592
   
Running 7.6 and having my users are having some sig probs that did work on 6.5

Following codes:


<IFRAME SRC="http://www.gamearena.com.au/services/ladders/teamframe.php?id=13895" WIDTH=350 HEIGHT=140 SCROLLING=NO></IFRAME>


and

<img src="http://img.photobucket.com/albums/v472/ozrocket/bf_sig11.jpg">
<img src="http://cailith.theoldergamers.com/images/redback/chaplain_redback.jpg">


allow html is on in the config.


Back to top Reply with quote
#2   re: Signature Woes
madman
CZ Moderator
madman has been a member for over 19 year's 19 Year Member
Status: Offline
Joined: Dec 06, 2004
0.00 posts per day
Posts: 21
Points: 1,234
 Yahoo Messenger  
IFRAME tag restricted in mainfile.php. Find the following line from that file and remove (or comment it):
(eregi("<[^>]*iframe*\"?[^>]*>", $secvalue)) ||


For IMG tag, use [ img ] bbcode instead, even if your users allowed to post few HTML tags.



_________________
Cheers,
madman
Back to top Reply with quote
#3   re: Signature Woes
Father
CZ Newbie
Father has been a member for over 19 year's 19 Year Member
Gender: Male
Status: Offline
Joined: Dec 16, 2004
0.00 posts per day
Posts: 13
Points: 592
   
IC, is there a security risk to Iframe?

Why would be it be restricted by default?



Back to top Reply with quote
#4   Re: re: Signature Woes
madman
CZ Moderator
madman has been a member for over 19 year's 19 Year Member
Status: Offline
Joined: Dec 06, 2004
0.00 posts per day
Posts: 21
Points: 1,234
 Yahoo Messenger  


Originally posted by Father @ Sat Dec 18, 2004 10:34 am:

IC, is there a security risk to Iframe?
Why would be it be restricted by default?

IFRAME is common ancient hacking defacement techniques. If you cannot gain control on how IFRAME should displayed on your site, people may embed IFRAME tag at the top-most page (e.g. displaying something that should not seen by your site visitors), hiding your actual site's page at the bottom on client browsers.




_________________
Cheers,
madman
Back to top Reply with quote
Display posts from previous:      
Add To: Del.icio.us  Digg  Google  Spurl  Blink  Furl  Y! MyWeb  
<< View previous topic View next topic >>
Post new topicReply to topic

Jump to 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum