Gossamer Forum
Home : Products : Gossamer Forum : Testing Forum :

HTMl Testing ???

Quote Reply
HTMl Testing ???
Are you going to allow a forum for HTML testing on these boards? It seems that nearly every other feature has been explored bar HTML testing. Maybe we could help debug this feature if it was permitted on a board?

Or are you confident that it's in full working order ? ...

- wil
Quote Reply
Re: [Wil] HTMl Testing ??? In reply to
Hi,

Allowing HTML is a security risk. For instance, you could post a message that could contain Javascript. Then when someone views the message, it can do anything on the forum as you. Not good. =)

We do recommend in the program not to allow html unless you are on an intranet, or some other controlled environment.

Cheers,

Alex
--
Gossamer Threads Inc.
Quote Reply
Re: [Alex] HTMl Testing ??? In reply to
Yeah, I realise that allowing HTML is a security risk. I was just wondering if the forum actually supports HTML outright or only recognised tags? Maybe a better idea would be to allow partial HTML - only trusted tags (no javascript etc.).

Cheers

- wil
Quote Reply
Re: [Wil] HTMl Testing ??? In reply to
Hi,

Yes, it supports having full HTML on. We don't try to parse it, as there are so many ways to sneak something in, I wouldn't want to give people a false sense of security. That's the main reason why we can't enable it on a single board here.

Cheers,

Alex
--
Gossamer Threads Inc.
Quote Reply
Re: [Alex] HTMl Testing ??? In reply to
Hi Alex

OK. These so-called markup tags seem to work well anyhow! :-)

Cheers

- wil
Quote Reply
Re: [Wil] HTMl Testing ??? In reply to
The thing to note about these markup tags is that it is very simple to add new ones. Of all the tags, the only ones that aren't so simple are the [url] (and [email]), [img], and of course the custom font colors (Ie. [#ff8000]orange[/#]). However, even things this complex (and as complex as you want) can be added through relatively simple plugins (a single hook).

Jason Rhinelander
Gossamer Threads
jason@gossamer-threads.com
Quote Reply
Re: [jagerman] HTMl Testing ??? In reply to
That's good. I was looking at another forum the other day that had support for Bulleted lists. This could be nice feature to add.

- wil