• Post Reply Bookmark Topic Watch Topic
  • New Topic

Prevent Security Issues with User Posts  RSS feed

Kerry Baer
Ranch Hand
Posts: 39
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am writing a site that works sort of like a forum such as the JavaRanch forums. I have a Rich Text Editor I am using to allow users to write whatever they like in their post.

I'd like to allow developer posts in which code may be included. In doing so I open up the possibility of people injecting client side scripts that download malware or otherwise cause annoyances or harm to peoples computers.

What are the recommended methods for allowing people to post code without exposing your application to malicious code that will execute when end-users read their posts?

With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!