Cantrell, Adam wrote:
> In a past life I've done this before, but I was hoping somebody could give
> me a refresher. How are you guys generally dealing with people entering
> things like:
>
> <IMG SRC="javascript:alert('unsecure')">
>
> into text inputs on your websites? Do you just use
> #htmlEditFormat(form.myField)# on the action page?

Usually. Sometimes there are special requirements that make this a
no-go, but in general it is the easiest solution. Together with
cfqueryparam of course :)

> Does anyone have an
> online resource, or possibly a custom tag that deals with issues such as
> these?

cflib.org has some UDFs.

> Going live with a few sites next week and want to make sure I have
> all my bases covered with the $cr1p7 k1dd13 H4X0RZ!!!!

Just post the URL :)

Jochem
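
The combination discussed in this thread, as an added example that is not part of the original messages: an action page that binds the form value with cfqueryparam on the way into the database and encodes it with htmlEditFormat on the way out. The datasource `siteDSN`, the table `comments` and its columns `id` and `body` are hypothetical names chosen for illustration.

```cfml
<!--- Added example. "siteDSN", "comments", "id" and "body" are hypothetical names. --->
<cfparam name="form.myField" default="">

<!--- Store the raw value. cfqueryparam sends it as a bound parameter, so the
      input is treated as data and cannot change the SQL statement. A value
      longer than maxlength makes the tag throw instead of running the query. --->
<cfquery datasource="siteDSN">
    INSERT INTO comments (body)
    VALUES (<cfqueryparam value="#form.myField#" cfsqltype="cf_sql_varchar" maxlength="500">)
</cfquery>

<cfquery name="getComments" datasource="siteDSN">
    SELECT body
    FROM comments
    ORDER BY id DESC
</cfquery>

<!--- Encode at output time. htmlEditFormat turns < > & and " into entities, so
      <IMG SRC="javascript:alert('unsecure')"> is shown as literal text and the
      browser never parses it as a tag. --->
<cfoutput query="getComments">
    <p>#htmlEditFormat(getComments.body)#</p>
</cfoutput>
```

htmlEditFormat does not encode single quotes, so place its output in element content or in double-quoted attribute values only.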