search for: in: entire forum this post
you are here: root => Bugs => FIXED => SOLUTION APPLIED in 1.034 - possibility to make posts very long or very large by abusing width and h...
member since:
folders:
10
posts:
22
replies:
75

SOLUTION APPLIED in 1.034 - possibility to make posts very long or very large by abusing width and height attributes in tags that support them

that is something that hasnt yet been fully tested; but in theory if ppl used very big width or height values on tags that support these attributes such as tables and 3rd party tags. they could make posts very long or very large.

very large has been tested and its not such a big deal, only the post in question becomes very large but others remain normal.

i dont think i tested very long though but now that i think about it, it could be quite annoying.

anyways, for the moment if anyone ever abuses things such as this you can always use mod tools such as banning user or banning ip to protect yourself from the annoyers. and most ppl would never think of that (unless they have read this post).

but anyways, i will look for a solution to prevent that.

my first idea at the moment would be to add a code completely at the end of the bbcode rendering that just has a look at all width:xxpx; height:xxpx; and width=xx height=xx (maybe just those inside of <> html tags) and replaces the values that are too big by a fixed maximum.

maybe this feature could be implemented in the same parsing routine that i think i might add to cut off long words with no spaces outside of <> html tags

wassaa


test: test
post #113 permalink
please login to reply
member since:
folders:
10
posts:
22
replies:
75
so i have applied a solution to this problem instead of really fixing it in the way that i wanted in the first place.

basically to keep it a short story, i have set up something with CSS and Javascipt that will make a post get scrolling bars if its too big for the page instead of the whole page stretching.

i would have liked to do something only with CSS but it was impossible.

i have also placed a backup solution for those who dont have javascript enabled that uses max-width and max-height but this backup solution does not work on internet explorer

-----------

this new update will be available in nodesforum 1.034

wassaa


test: test
post #128 permalink
please login to reply

moderators of this post

envis (level: ∞)
powered by Nodesforum