No announcement yet.

Web page copied and pasted in post: Security Risk?

  • Filter
  • Time
  • Show
Clear All
new posts

  • Web page copied and pasted in post: Security Risk?

    It isn't allowed to past html code into a forum post, but I just scrolled and copied an entire web page with Firefox and then pasted it into a forum post and it showed up exactly like the original page.

    Is this a security risk? I do know that the items in the page weren't set to target a blank page and they do in the post. Just curious thanks. This does not work in this forum, so if there a setting to stop that from occuring?

    - bT

  • #2
    What's the link to that post? The only way I can see that happening is if you've enabled HTML.
    Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
    Change CKEditor Colors to Match Style (for 4.1.4 and above)

    Steve Machol Photography

    Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


    • #3
      First of all, if you are using the WYSIWYG editor, you "get it all", as-is. If HTML is turned off, raw HTML code will not parse.


      • #4
        "raw HTML code" will be sanitized, it's not a matter of not being parsed. Small but important difference .


        • #5
          After further investigation, only administrators are capable of copying/pasting html pages (not code) into the WYSIWYG panel.

          When registered users do this, it shows up as sanitized text.

          Thanks for the input,