|
|||||||||
|
|||||||||
|
|||||||||
 |
|||||||||
| |
||
|
|
|
|
|||||||||
|
|||||||||
|
|||||||||
|
|||||||||
| |
||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
ASP Free Forums Sponsor:
|
|
|
|
#1
May 22nd, 2007, 02:50 AM
|
||||
|
||||
|
HTML Entities in code type tags
This probably isn't an urgent thing, but it would be a nice to have.
When posting code samples in code tags can html entities not be translated, for example & quot ; shows as & quot ; rather than "
__________________
And he picked it all up... in his pick-up.  Friends of Shemzilla
|
|
#2
August 10th, 2007, 09:12 AM
|
||||
|
||||
|
We try several methods to bypass html entities, but by doing that it will open several security issues.
vBulletin decode all the html entities to determine if some one trying to pass special JavaScript to steal users cookies information ...etc. So its automatically decode all the html entities and filter them out, if we remove this functionality, our forums will be very vulnerable for these kind of hacker attacks. Therefore currently we do not see any direct way to keep html entities inside user posts.
|
|
#3
August 10th, 2007, 09:23 AM
|
||||
|
||||
|
If you were to replace all ampersands [&] with "&", you should
be able to write ""e;".  <edit> Code:
" Code:
" Hold on, that's come out fine. What's the problem here? 
__________________
Support requests via PM will be ignored! Last edited by ChiefWigs1982 : August 10th, 2007 at 11:20 AM.
|
|
#5
August 10th, 2007, 11:21 AM
|
||||
|
||||
|
Gotcha.
My idea does work though - change ampersands into numeric entities; notice my second code box above. & becomes &
|
|
| Viewing: ASP Free Forums > Forum Information > Suggestions & Feedback > HTML Entities in code type tags |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
 |
|
|
|
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
