Icy Phoenix

     
 


Post new topic  Reply to topic 
Page 1 of 1
 
 
Reply with quote Download Post 
Post Using Quotes (") In The Topic Title, It Shows This Signs (") In The Quick Reply. 
 
6763945597

1812975536


even in the browser tab:

8943905888


But not in "POST REPLY" I mean normal reply...

1981736027

0572942592


Why?  
 



 
CristianitaSend private messageVisit poster's website  
Back to topPage bottom
Icy Phoenix is an open source project, you can show your appreciation and support future development by donating to the project.

Support us
 
Reply with quote Download Post 
Post Re: Using Quotes (") In The Topic Title, It Shows This Signs (") In The Quick Reply. 
 
Hi;

It is done to avoid HTML injection, but this one case needs to be smarter -- we need to differentiate between a value that could be from an attacker or from a trusted source.
 




____________
IcyPhoenix ADR RPGEzArena (modded phpBB2+ADR)
 
InformproSend private message  
Back to topPage bottom
Reply with quote Download Post 
Post Re: Using Quotes (") In The Topic Title, It Shows This Signs (") In The Quick Reply. 
 
Informpro wrote: [View Post]
Hi;

It is done to avoid HTML injection, but this one case needs to be smarter -- we need to differentiate between a value that could be from an attacker or from a trusted source.
I'm not sure if I understood you. I think you are saying you need to check this feature, aren't you?
 



 
CristianitaSend private messageVisit poster's website  
Back to topPage bottom
Reply with quote Download Post 
Post Re: Using Quotes (") In The Topic Title, It Shows This Signs (") In The Quick Reply. 
 
Hi,

Yes, I am saying we are trying to be safe, but we are too safe because of this.
 




____________
IcyPhoenix ADR RPGEzArena (modded phpBB2+ADR)
 
InformproSend private message  
Back to topPage bottom
Reply with quote Download Post 
Post Re: Using Quotes (") In The Topic Title, It Shows This Signs (") In The Quick Reply. 
 
Informpro wrote: [View Post]
Hi,

Yes, I am saying we are trying to be safe, but we are too safe because of this.
So it's better if we don't use this quotes in the titles, isn't it? Is that what you mean?
 



 
CristianitaSend private messageVisit poster's website  
Back to topPage bottom
Reply with quote Download Post 
Post Re: Using Quotes (") In The Topic Title, It Shows This Signs (") In The Quick Reply. 
 
I will fix the issue in Quick Reply, but I won't fix it on page title, since injections may be possible.

I'm sure I added all these fixes because of security reasons in the past.
 




____________
Luca
SEARCH is the quickest way to get support.
Icy Phoenix ColorizeIt - CustomIcy - HON
 
Mighty GorgonSend private messageSend e-mail to userVisit poster's website  
Back to topPage bottom
Reply with quote Download Post 
Post Re: Using Quotes (") In The Topic Title, It Shows This Signs (") In The Quick Reply. 
 
Mighty Gorgon wrote: [View Post]
I will fix the issue in Quick Reply, but I won't fix it on page title, since injections may be possible.

I'm sure I added all these fixes because of security reasons in the past.

I got it... Thanks for all, avatar Mighty Gorgon
 



 
CristianitaSend private messageVisit poster's website  
Back to topPage bottom
Reply with quote Download Post 
Post Re: Using Quotes (") In The Topic Title, It Shows This Signs (") In The Quick Reply. 
 
Hi, God bless you, guys!
 



 
CristianitaSend private messageVisit poster's website  
Back to topPage bottom
Post new topic  Reply to topic  Page 1 of 1
 


Display posts from previous:    

HideWas this topic useful?

Link this topic
URL
BBCode
HTML




 
Permissions List
You cannot post new topics
You cannot reply to topics
You cannot edit your posts
You cannot delete your posts
You cannot vote in polls
You cannot attach files
You can download files
You cannot post calendar events


  

 

  cron