Icy Phoenix

     
 

Using Quotes (") In The Topic Title, It Shows This Signs (") In The Quick Reply.

Using Quotes (") In The Topic Title, It Shows This Signs (") In The Quick Reply.

Article
Reply with quote    Download Post  
Post Using Quotes (") In The Topic Title, It Shows This Signs (") In The Quick Reply. 
 
6763945597

1812975536


even in the browser tab:

8943905888


But not in "POST REPLY" I mean normal reply...

1981736027

0572942592


Why?  



 
Cristianita - View user's profile Send private message  
Cristianita [ Fri 11 May, 2018 07:38 ]
Icy Phoenix is an open source project, you can show your appreciation and support future development by donating to the project.

Support us


Using Quotes (") In The Topic Title, It Shows This Signs (") In The Quick Reply.

Comments
Reply with quote    Download Post  
Post Re: Using Quotes (") In The Topic Title, It Shows This Signs (") In The Quick Reply. 
 
Hi;

It is done to avoid HTML injection, but this one case needs to be smarter -- we need to differentiate between a value that could be from an attacker or from a trusted source.



 
Informpro - View user's profile Send private message  
Informpro [ Sat 12 May, 2018 21:50 ]
Reply with quote    Download Post  
Post Re: Using Quotes (") In The Topic Title, It Shows This Signs (") In The Quick Reply. 
 
Informpro wrote: [View Post]
Hi;

It is done to avoid HTML injection, but this one case needs to be smarter -- we need to differentiate between a value that could be from an attacker or from a trusted source.
I'm not sure if I understood you. I think you are saying you need to check this feature, aren't you?



 
Cristianita - View user's profile Send private message  
Cristianita [ Sat 12 May, 2018 22:07 ]
Reply with quote    Download Post  
Post Re: Using Quotes (") In The Topic Title, It Shows This Signs (") In The Quick Reply. 
 
Hi,

Yes, I am saying we are trying to be safe, but we are too safe because of this.



 
Informpro - View user's profile Send private message  
Informpro [ Sat 19 May, 2018 15:34 ]
Reply with quote    Download Post  
Post Re: Using Quotes (") In The Topic Title, It Shows This Signs (") In The Quick Reply. 
 
Informpro wrote: [View Post]
Hi,

Yes, I am saying we are trying to be safe, but we are too safe because of this.
So it's better if we don't use this quotes in the titles, isn't it? Is that what you mean?



 
Cristianita - View user's profile Send private message  
Cristianita [ Sat 19 May, 2018 22:47 ]
Reply with quote    Download Post  
Post Re: Using Quotes (") In The Topic Title, It Shows This Signs (") In The Quick Reply. 
 
I will fix the issue in Quick Reply, but I won't fix it on page title, since injections may be possible.

I'm sure I added all these fixes because of security reasons in the past.



 
Mighty Gorgon - View user's profile Send private message  
Mighty Gorgon [ Tue 05 Jun, 2018 00:12 ]
Reply with quote    Download Post  
Post Re: Using Quotes (") In The Topic Title, It Shows This Signs (") In The Quick Reply. 
 
Mighty Gorgon wrote: [View Post]
I will fix the issue in Quick Reply, but I won't fix it on page title, since injections may be possible.

I'm sure I added all these fixes because of security reasons in the past.

I got it... Thanks for all, avatar Mighty Gorgon



 
Cristianita - View user's profile Send private message  
Cristianita [ Tue 05 Jun, 2018 01:00 ]
Reply with quote    Download Post  
Post Re: Using Quotes (") In The Topic Title, It Shows This Signs (") In The Quick Reply. 
 
Hi, God bless you, guys!



 
Cristianita - View user's profile Send private message  
Cristianita [ Sat 18 Aug, 2018 19:04 ]
Display posts from previous:    

HideWas this topic useful?

Post new topic  Reply to topic  Page 1 of 1
 
 




 


 

  cron