iframe bbcode not possible?
Forum rules
Discussion of general topics related to the new release and its place in the world. Don't discuss new features, report bugs, ask for support, et cetera. Don't use this to spam for other boards or attack those boards!
Discussion of general topics related to the new release and its place in the world. Don't discuss new features, report bugs, ask for support, et cetera. Don't use this to spam for other boards or attack those boards!
iframe bbcode not possible?
Hi, when testing several custom BBcodes I noticed any <iframe> parameter is not embedded. Anyone know why this is?
-
- Registered User
- Posts: 687
- Joined: Sun May 11, 2003 11:17 am
Re: iframe bbcode not possible?
Inclusion of iframes opens some very significant security issues. If it's explicitly excluded from being run, I would applaud this.
You can never go home again... but I guess you can shop there.
Re: iframe bbcode not possible?
You might be doing something wrong.
I just tried this and was sucessful in adding a Iframe bbcode.
I just tried this and was sucessful in adding a Iframe bbcode.
Re: iframe bbcode not possible?
Hmm...could I possibly see how you did it? Just as a reference?
- Highway of Life
- Registered User
- Posts: 1399
- Joined: Tue Feb 08, 2005 10:18 pm
- Location: I'd love to change the World, but they won't give me the Source Code
- Contact:
Re: iframe bbcode not possible?
Shoes, we've used it before as well, but I echo what was said before... I STRONGLY recommend NOT using an iframe BBCode, but find another method to achieve your goal... even if it's a MOD, trust me, you don't want to open up the ability for users to exploit a security hole.
Re: iframe bbcode not possible?
My Linux Webhosting admin (=Helpdesk lady) confirmed that its safe to use iframe.Highway of Life wrote:Shoes, we've used it before as well, but I echo what was said before... I STRONGLY recommend NOT using an iframe BBCode, but find another method to achieve your goal... even if it's a MOD, trust me, you don't want to open up the ability for users to exploit a security hole.
Should it be taken seriously ?
Re: iframe bbcode not possible?
Its security wise a bad idea to add a iframe bbcode.
-
- Registered User
- Posts: 653
- Joined: Wed Sep 21, 2005 3:01 pm
Re: iframe bbcode not possible?
it might be perfectly safe to use iframes (although, for various reasons *other than security*, i think it's a good idea to use it as little as possible, preferably never).user99 wrote:My Linux Webhosting admin (=Helpdesk lady) confirmed that its safe to use iframe.
Should it be taken seriously ?
however, that doesn't mean that it's safe to have an iframe bbcode: with iframe bbcode, you let every (potentially malicious) poster to determine what will be the content of the iframe, which is quite different than "using iframe", where you yourself decide what will be the content.
-
- Extension Customisations
- Posts: 177
- Joined: Fri Jul 09, 2004 11:53 am
- Location: Australia
- Contact:
Re: iframe bbcode not possible?
Indeed, the helpdesk lady may have thought you means including an iframe on an HTML page - which is fine, because YOU would be choosing which site is in the frame.code reader wrote:it might be perfectly safe to use iframes (although, for various reasons *other than security*, i think it's a good idea to use it as little as possible, preferably never).user99 wrote:My Linux Webhosting admin (=Helpdesk lady) confirmed that its safe to use iframe.
Should it be taken seriously ?
however, that doesn't mean that it's safe to have an iframe bbcode: with iframe bbcode, you let every (potentially malicious) poster to determine what will be the content of the iframe, which is quite different than "using iframe", where you yourself decide what will be the content.
Open that option up to everyone though, and you have no control what gets put in there. Not worth the risk.
Customisations Team
Re: iframe bbcode not possible?
Hey man, why do not consider the possibility to let that blamed "iframe bbcode" to be used only for
certain group of members.
I think that a forum must have a core of trusted members.
So, all we have to do is to let ONLY those members to use that iframe bbcode.
A kind of MOD like the one allowing posting URLs afer one million posts, allow using smilies [only 2,31 pe post]
for the ones that have posted 2,2 billion posts without off-topic and so on...
certain group of members.
I think that a forum must have a core of trusted members.
So, all we have to do is to let ONLY those members to use that iframe bbcode.
A kind of MOD like the one allowing posting URLs afer one million posts, allow using smilies [only 2,31 pe post]
for the ones that have posted 2,2 billion posts without off-topic and so on...