Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




2917 posts

Uber Geek
+1 received by user: 414

Trusted
Subscriber

Topic # 111861 17-Nov-2012 11:45
Send private message

I've noticed while browsing the forum this morning that a few people are having HTML make it into their posts

Examples here and here.  Is there a problem with the editor?

Create new topic
BDFL - Memuneh
58125 posts

Uber Geek
+1 received by user: 9645

Administrator
Trusted
Geekzone
Subscriber

  Reply # 718699 17-Nov-2012 11:48
Send private message

This only affected posts within a five minutes time window last night, while we switched some code behind the htmlencode/urlencode we use here. This was noted here before.






2917 posts

Uber Geek
+1 received by user: 414

Trusted
Subscriber

  Reply # 718713 17-Nov-2012 11:51
Send private message

Ah right. Sorry didn't realise that was the same root cause. Carry on then!

 
 
 
 


BDFL - Memuneh
58125 posts

Uber Geek
+1 received by user: 9645

Administrator
Trusted
Geekzone
Subscriber

  Reply # 718715 17-Nov-2012 11:56
Send private message

Basically I was thinking of the possibility of some malicious user injecting HTML code on the subject of a forum discussion and that not being filtered when added to your friend's timeline. Therefore when looking at the Wall that code could be executed.

I changed the encoding for all fields around and those strange posts happened while the scripts were being changed (kept the same old routine name but with new defaults and added a new routine).

That's pretty much it.




Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

NotPetya ransomware attack, New Zealand view
Posted 28-Jun-2017 15:07


Security concerns reach new peak, Unisys Security Index
Posted 27-Jun-2017 14:11


Behind Spark’s slow-burn 4.5G plan
Posted 26-Jun-2017 16:23


Red Hat unveils production-ready open source hyperconverged infrastructure
Posted 23-Jun-2017 22:10


Whatever ailed Vodafone broadband … seems to be fixed
Posted 23-Jun-2017 14:10


VMware NSX Meets Stringent Government Security Standards with Common Criteria Certification
Posted 22-Jun-2017 19:05


Brother launches next-generation colour laser printers and all-in- ones for business
Posted 22-Jun-2017 18:56


Intel and IOC announce partnership
Posted 22-Jun-2017 18:50


Samsung Galaxy Tab S3: Best Android tablet
Posted 21-Jun-2017 12:05


Wellington-based company helping secure Microsoft browsers
Posted 20-Jun-2017 20:51


Endace delivers high performance with new 1/10/40 Gbps packet capture card
Posted 20-Jun-2017 20:50


You can now integrate SMX security into Microsoft Office 365, Google and other cloud email platforms
Posted 20-Jun-2017 20:47


Ravensdown launches new decision-making tool HawkEye
Posted 19-Jun-2017 15:38


Spark planning to take on direct management of all consumer stores
Posted 19-Jun-2017 10:03


Qrious acquires Ubiquity
Posted 14-Jun-2017 12:21



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.