FUDcode in the custom tags? [message #4854] |
Sat, 10 August 2002 06:26 |
MstrBlstr
Messages: 4 Registered: August 2002
Karma: 0
|
Junior Member |
|
|
This is what I try to use.
[color=blue]Site Administrator[/color]
Which sould give me this:
Site Administrator
But it just comes out showing the code.
Am I missing a setting somewhere?
Useing version 2.0.2
Seems I am a little behind..
--MB--
|
|
|
|
|
|
Re: FUDcode in the custom tags? [message #5133 is a reply to message #5127] |
Thu, 22 August 2002 12:53 |
Ilia
Messages: 13241 Registered: January 2002
Karma: 0
|
Senior Member Administrator Core Developer |
|
|
Cannot be done, you got one or the other. The are no plans to add both, enabling HTML while supported by FUDforum is just asking for trouble and opening a whole can of security vunreabilities. Since there is nothing to stop people from placing hidden JavaScript inside their messages that can be used to steal passwords etc...
FUDforum Core Developer
|
|
|
|
Re: FUDcode in the custom tags? [message #5143 is a reply to message #5139] |
Thu, 22 August 2002 13:17 |
Ilia
Messages: 13241 Registered: January 2002
Karma: 0
|
Senior Member Administrator Core Developer |
|
|
you cannot disable JavaScript in any package, since JavaScript can be inserted into virtually any tag.
<script>, <img>, <a>, <form>, <iframe>, and many more...
If you think by disabling a few tags you'll solve the insecurity of HTML, you are fooling yourself. If you enable HTML in FUDforum unless you modify the code, that would mean users will have unrestricted HTML access.
FUDforum Core Developer
|
|
|
|