Buffistas.org
Don't kill anyone if you don't have to. We're here to make a deal.

Mal ,'Serenity'

Buffistas Building a Better Board  

Closed Threads

Do you have problems, concerns or recommendations about the technical side of the Phoenix? Air them here. Compliments also welcome.

To-do list

First Previous Next Last Recent
Gus - Nov 13, 2004 6:36:51 am PST #8768 of 10000
Bag the crypto. Say what is on your mind.

And that's what I think is key -- it's the poster's job to make it look like they want. It's our job to protect the innocent bystanding posts.

Seconding this. However, t a href='http://buffistas.org" does not get fixed, per se, with Tidy 1 (the board version), it merely gets contained. The unmatched delimeter gets converted to an entity. Like this: t a href='http://buffistas.org/"%3E'

Since we already have a better answer than that, I will put in a little post-tidy code to fix it up.

The most mangled html I came up with off the top my head was a busted font tag inside a broken anchor tag. The font tag was between the anchor's 'a' and its 'href'. All kinds of illegal. Tidy cleaned it up right nicely, moving the font outside the anchor and closing both tags real prettily. Impressive.

Rob - Nov 13, 2004 7:28:20 am PST #8769 of 10000

Does tidy have an option to strip Javascript? There's a number of nasty exploits you can do if you can embed Javascript in a post, and it would be nice to prevent them.

Jon B. - Nov 13, 2004 7:42:01 am PST #8770 of 10000
A turkey in every toilet -- only in America!

Do we even allow a t script tag? If so, it's easy to strip them out without tidy since we already do that with lots of other tags.

Lee - Nov 13, 2004 7:48:34 am PST #8771 of 10000
The feeling you get when your brain finally lets your heart get in its pants.

This may just be my browser, but starting here Jessica "Coffee On My Monitor" Oct 30, 2002 11:06:11 pm PST, there is a whitefont problem that goes on for a number of posts.

etbe more specific. Things go back to normal in post 656.

§ ita § - Nov 13, 2004 7:50:00 am PST #8772 of 10000
Well not canonically, no, but this is transformative fiction.

We only let a handful of tags through -- t script isn't one of them. Is there anywhere else it can be embedded?

Jon B. - Nov 13, 2004 7:51:29 am PST #8773 of 10000
A turkey in every toilet -- only in America!

I think I fixed it Lee. Please check since it wasn't a problem in my browser.

Gus - Nov 13, 2004 7:52:06 am PST #8774 of 10000
Bag the crypto. Say what is on your mind.

Tidy won't strip javascript, but the replacement t 's with their entity counterparts already disables in script.

Lee - Nov 13, 2004 7:57:00 am PST #8775 of 10000
The feeling you get when your brain finally lets your heart get in its pants.

Yep, that fixed it, Jon.

Jessica - Nov 13, 2004 12:50:35 pm PST #8776 of 10000
And then Ortus came and said "It's Ortin' time" and they all Orted off into the sunset

This may just be my browser, but starting here Jessica "Coffee On My Monitor" Oct 30, 2002 11:06:11 pm PST, there is a whitefont problem that goes on for a number of posts.

Wow, um, sorry! (Still, I'm impressed that it apparently went unnoticed for two years.)

Lee - Nov 13, 2004 12:55:06 pm PST #8777 of 10000
The feeling you get when your brain finally lets your heart get in its pants.

The same thing happened in one of the threads the other day, Jessica. Because no one else mentioned it, despite there being an active conversation, I assume it was limited to people using Mac OS 10.3.6 and Safari 1.2.4, or in other words, me.

First Previous Next Last Recent