Posted by Jim Higson on 11/19/07 11:45

David Johnstone wrote:

> Yes, I did meant that, thanks, and thanks also for your input.
>
> This is for a web site where you can provide your own content,
> but they don't want html. The way they keep html out is by
> making the html server do these substitutions - or maybe directly
> sunstituting in the source you provide. So I have no control over
> that - all I could do is write some alternative in the source, or at
> least I can't think of anything else.
> Got to hand it to them - it's a clever and simple way of keeping
> html out!

They probably do it for security reasons, to avoid XSS attacks. There might
be sneaky ways round it involving javascript, server-side bugs and browser
corrections, but in general if they don't want you posting HTML that's
their choice.

--
Jim

• Next in forum: Re: green policies
• Prev in forum: Re: submitting form info???
• Thread view: Re: html tag without <> - is there an alternative?

[Reply to this message]