GB_001 Posted March 14, 2011 Share Posted March 14, 2011 Hello, On my site I am allowing users to post HTML and I'm in the planning phase. I'm already written REGEX to get rid of <script> and <frame> tags, but I have ran into a problem regarding <embed> it seems as though in browsers such as chrome <embed> acts like an <iframe> tag. The problem is that with this sort of behavior users may link to potentially harmful sites like infinite alert boxes ect. How will I bee able to make sure users don't embed websites instead of flash? Alternate Question: Also if I do allow users to include websites, how could I disable alert boxes? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.