Are you ready to switch to HTML parsing permanently?

Опрос: A global switch to HTML parsing

Are you ready?

Теги: Bbcode
Html
Parsing
Wysiwyg

donP	#24106 14.04.2010 21:35
Members	Koradhil: You can still send a manual POST containing malicious HTML (through a custom HTTP request), so Javascript can still be bypassed. But if anybody tries disabling Javascript to edit directly HTML code NO TEXTAREA AT ALL would appear with that method, no? Or I'm misunderstanding? So, how can anybody try to send HTML code to database if there's no a textarea? Koradhil: As far as I know, there is no option to insert new rows or columns in the middle of an existing table (or even add rows at the end) in FCK / CKeditor. You're wrong, try here yourself: http://ckeditor.com/demo Every part of table, rows, cells is configurable clicking with the right button of your mouse. You can add, delete, merge, separate, change colors etc of rows, columns, cells... in [color=#729FCF][b]BLUES[/b][/color] I trust

donP

#24106 14.04.2010 21:35

Koradhil:
You can still send a manual POST containing malicious HTML (through a custom HTTP request), so Javascript can still be bypassed.

But if anybody tries disabling Javascript to edit directly HTML code NO TEXTAREA AT ALL would appear with that method, no? Or I'm misunderstanding?

So, how can anybody try to send HTML code to database if there's no a textarea?

Koradhil:
As far as I know, there is no option to insert new rows or columns in the middle of an existing table (or even add rows at the end) in FCK / CKeditor.

You're wrong, try here yourself:
http://ckeditor.com/demo
Every part of table, rows, cells is configurable clicking with the right button of your mouse. You can add, delete, merge, separate, change colors etc of rows, columns, cells...

in [color=#729FCF][b]BLUES[/b][/color] I trust

Yes, if migration is automated	83.3%	65
No, never	1.3%	1
Please support multiple parsers, despite it is hard to maintain!	15.4%	12