rubing Posted December 6, 2008 Share Posted December 6, 2008 Evening Folks, I have a web application that I'd like to allow my users to skin. I am thinking about letting the user specify their own style sheet. The url of their style sheet would be stored in my database. So, when they request a page I'll fetch the css url from my database and include it in the headers. Am I exposing myself to any potential dangers with this setup??? I can't think of any. Quote Link to comment Share on other sites More sharing options...
haku Posted December 6, 2008 Share Posted December 6, 2008 As long as you validate the code going into the database to protect from injection attacks, and cross browser scripting, this won't be a problem. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.