FUDforum: Bug Reports » [img]

Home » FUDforum Development » Bug Reports » [img] - PHP injection??!!

Show: Today's Messages :: Polls :: Message Navigator

Re: [img] - PHP injection??!! [message #22336 is a reply to message #22333]

Fri, 28 January 2005 16:42

Ilia

Messages: 13241
Registered: January 2002

Karma:

Senior Member
Administrator
Core Developer

You can disallow [img] tag if you are concerned about this issue. No amount of validation is going to secure remote images, since you can make the remote server do whatever it wants with the request. And allowing local image links only is pretty pointless functionality.

FUDforum Core Developer

Report message to a moderator

[Message index]

		[img] - PHP injection??!! By: ggray on Fri, 28 January 2005 15:17
		Re: [img] - PHP injection??!! By: JamesS on Fri, 28 January 2005 16:13
		Re: [img] - PHP injection??!! By: ggray on Fri, 28 January 2005 16:29
		Re: [img] - PHP injection??!! By: Ilia on Fri, 28 January 2005 16:42
		Re: [img] - PHP injection??!! By: ggray on Fri, 28 January 2005 17:19
		Re: [img] - PHP injection??!! By: Ilia on Fri, 28 January 2005 17:23
		Re: [img] - PHP injection??!! By: ggray on Fri, 28 January 2005 17:35

Previous Topic:	Unknown table 'fud26_fl_' when deleting forums
Next Topic:	Customer complaint

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Wed Jul 03 01:33:05 GMT 2024

Total time taken to generate the page: 0.04387 seconds