« previous next »
Pages: [1]   Go Down

Author Topic: Forms & Javascripts ¬_¬  (Read 526 times)

Offline KingMonkey Throughout!

  • Somebody Told Me!
  • Level 13
  • *
  • Posts: 102
  • Reputation: +3/-17
    • View Profile
Forms & Javascripts ¬_¬
« on: May 14, 2009, 12:17:01 PM »
I have Many Forms which you can insert data into, I have been checking the Net for a Code which does not execute Javascripts from the Forms, However, I need a Little Help

Is there a Code which i can insert into my Configure File to stop this?

Only reason is that it happened to me a while back when i had a Game in Alpha.

Thanks
Logged
PHP Game Programer!

Offline Nox

  • Level 35
  • **
  • Posts: 767
  • Reputation: +12/-2
    • View Profile
Re: Forms & Javascripts ¬_¬
« Reply #1 on: May 14, 2009, 12:27:34 PM »
Use htmlspecialchars when writing something from database, that will neutralize JS
Logged
Meet us at an IRC irc.freenode.net #bbg as well
https://vimeo.com/36579366 (a must-watch) | Join BOINC - no longer a hype, but you can help never the less

Offline Harkins

  • Level 28
  • **
  • Posts: 424
  • Reputation: +11/-2
  • Coder, blogger, entrepreneur.
    • View Profile
    • Push CX - Blog
Re: Forms & Javascripts ¬_¬
« Reply #2 on: May 14, 2009, 01:01:51 PM »
What you're seeing is called a Cross-site scripting attack. That Wikipedia page has a good introduction, you can search for that name or XSS to find more info.
Logged

Visit #bbg on irc.freenode.net to talk browser games anytime.
Pages: [1]   Go Up
« previous next »
 
SimplePortal 2.3.3 © 2008-2010, SimplePortal