[Typo3-dev] Security Problem - HTML
Christoph Moeller
chris at byters.de
Tue Sep 23 16:17:09 CEST 2003
Dominic Brander schrieb:
> I think this is a good way to go.
> we can not give a 100% security as this is not possible.
> but we can give some tools to admins to control at least a few things.
Yes. That way no admin could be tricked into viewing the manipulated FE
page.
btw: I re-thought my suggestion about HTMLcleaner and thought it might
be better to experiment with the functions involved with HTMLparser_db
since HTMLcleaner is IMO called upon every page/CE delivery...imagine
the heap of warning mails ;)
Still searching for the right hook in the sources...
Chris
More information about the TYPO3-dev
mailing list