Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




2915 posts

Uber Geek
+1 received by user: 413

Trusted
Subscriber

Topic # 111861 17-Nov-2012 11:45 Send private message

I've noticed while browsing the forum this morning that a few people are having HTML make it into their posts

Examples here and here.  Is there a problem with the editor?

Create new topic
BDFL - Memuneh
57821 posts

Uber Geek
+1 received by user: 9428

Administrator
Trusted
Geekzone
Subscriber

  Reply # 718699 17-Nov-2012 11:48 Send private message

This only affected posts within a five minutes time window last night, while we switched some code behind the htmlencode/urlencode we use here. This was noted here before.






2915 posts

Uber Geek
+1 received by user: 413

Trusted
Subscriber

  Reply # 718713 17-Nov-2012 11:51 Send private message

Ah right. Sorry didn't realise that was the same root cause. Carry on then!

BDFL - Memuneh
57821 posts

Uber Geek
+1 received by user: 9428

Administrator
Trusted
Geekzone
Subscriber

  Reply # 718715 17-Nov-2012 11:56 Send private message

Basically I was thinking of the possibility of some malicious user injecting HTML code on the subject of a forum discussion and that not being filtered when added to your friend's timeline. Therefore when looking at the Wall that code could be executed.

I changed the encoding for all fields around and those strange posts happened while the scripts were being changed (kept the same old routine name but with new defaults and added a new routine).

That's pretty much it.




Create new topic





Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Terabyte looms as Vocus users download 430GB a month
Posted 19-May-2017 14:51


2degrees tips into profit after seven lean years
Posted 19-May-2017 09:47


2degrees growth story continues
Posted 17-May-2017 15:25


Symantec Blocks 22 Million Attempted WannaCry Ransomware Attacks Globally
Posted 17-May-2017 12:41


HPE Unveils Computer Built for the Era of Big Data
Posted 17-May-2017 12:39


Samsung Galaxy S8 Plus review: Beautiful, feature-packed
Posted 16-May-2017 20:14


After ten years of mail pain Spark is done with Yahoo
Posted 15-May-2017 13:12


Warnings from security firms: do not click that link or risk your computer being infected
Posted 15-May-2017 10:11


Pushpay named NZ Hi-Tech Company of the Year 2017
Posted 15-May-2017 09:59


Passive Optical Lan means fibre to the desktop
Posted 12-May-2017 17:09


Finalists Named for 2017 CIO Awards
Posted 11-May-2017 20:00


Exhibition to showcase digital artwork from across the globe
Posted 10-May-2017 18:54


Accelerate 2017 to focus on navigating disruption with a design thinking mindset
Posted 10-May-2017 18:49


James Pascoe Group switches to Rimini Street for support of SAP aplications
Posted 10-May-2017 18:40


Microsoft New Zealand introduces breakthrough employee family leave benefits
Posted 10-May-2017 18:37



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.