There doesn't seem to be a webserver at that URL, so I can't see what
you're doing wrong.
Anyway, you first need to think carefully about how to protect your page
against malicious people who might write malware HTML into the
infowindows that they store on your site. That's quite a tricky problem.
It's a bit too much for me, so I avoid the issue by not rendering the
contents as HTML. If someone writes
<embed src="http:badsite.com/malware.file">
on my page, then the infowindow just displays that text rather than
executing the bad code.
The ultimate solution would be to implement some sort of rich text input
facility, like you see on wikis. The problem with that is that none of
the nice rich text editing facilities that I've seen will work in a div
inside an infowindow. They all require a static div that exists in the
HTML at the time that their JS code gets loaded.
Another approach would be to only allow trusted users to enter data, but
in that case you have to be careful not to violate the Terms.
Another approach would be to remove HTML tags that might possibly be
risky (like the GGeoXml server does). I don't know where you might find
a definitive list of which tags are safe and which aren't, and it might
involve some tricky text processing if the malicious user tries to be
clever.
--
Mike Williams
http://econym.org.uk/gmap
--
You received this message because you are subscribed to the Google Groups
"Google Maps API" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/google-maps-api?hl=.
