Why can't we be just allowed to use use html and css to make threads?

24 May, 2020 - 06:59 PM

(24 May, 2020 - 06:18 PM)AccountRepublic Wrote: Show More
(23 May, 2020 - 10:59 PM)amboss Wrote: Show More
(26 April, 2020 - 06:23 PM)Irrational Wrote: Show More
Umm you are correct. But I was just wondering what is the security concern. JavaScript? Because HTML and CSS are just markup languages and can't do anything else. So if <script> is disabled??

<img> tags would have to be disabled too because you could use it like this:

Code:
<img style="display: none" src="random IpLogger url">

this would log the Ip of every user that opens the post without any notice

edit: every tag that has the option to use an external source (src="random url") would have to be disabled because of this

yea, i was thinking about that too. but i've seen forums (don't remember quite well), only allows images from certain trusted source like imgbb, imgur. so why not use whitelisting?

that would be the best way, but we already have a way to use images and many other things in BBCode so HTML/CSS would be mostly useless

Login
Username:
Password:	Lost Password?
	Remember me

Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account Sign up for a new account in our community. It's easy! Register a new account	or	Sign in Already have an account? Sign in here. Sign in now

Why can't we be just allowed to use use html and css to make threads?

About Cracked.sh

Navigation

Extras

Help

Account