|
||||||
Views:
11,209,296 |
Main | FAQ | IRC chat | Memberlist | Active users | Latest posts | Stats | Ranks | Online users | Search | 12-22-24 04:02 AM |
||||
Guest: Register | Login |
0 users currently in AcmlmBoard II Software/Bug Report Forum | 6 bots |
Main - AcmlmBoard II Software/Bug Report Forum - Netiquette (link behaviour) (2) |
Nicole |
| ||
Administrator
Goddess of the Apocalypse Level: 200 Posts: 67/14042 EXP: 114513973 Next: 615416 Since: 01-03-12 From: Boston, MA Last post: 498 days Last view: 497 days |
♥67 ✿4736 ★69 Allowing (most) arbitrary HTML is I think one of the "selling points" of this board software, even if it can be a security risk...
The obvious example of what can't be done with BBcode is the entire post layout thing- I mean, you could reimplement everything in some sort of code that gets preprocessed as HTML/CSS, but why bother? |
Lili~ ♥ |
| ||
Normal User
Queen Lesbian of Kafuka Level: 161 Posts: 153/8412 EXP: 53081987 Next: 1031130 Since: 01-06-12 Last post: 2994 days Last view: 1516 days |
I was thinking of stuff like resizing images on the fly (by using width= or height=). I dunno if that argument applies to links as well, though. |
knuck |
| ||
Normal User
Paragoomba Level: 21 Posts: 49/73 EXP: 42926 Next: 7017 Since: 01-03-12 Last post: 4541 days Last view: 4521 days |
Posted by NicoleI don't think this board software has had any "selling points" since 2007 or so. Posted by NicoleSafety. As I said in another thread, post layouts should be done with a WYSIWYG editor of sorts, using bb tags, that way a random user can't simple go and make scrolling bugs (like I did with my layout), or break tables, etc. It's also more professional, though that might be irrelevant. |
Ailure |
| ||
Retired Staff
Buzzy Beetle Red pandas and stuff Level: 43 Posts: 86/398 EXP: 546554 Next: 18492 Since: 01-01-12 Last post: 2727 days Last view: 929 days |
Posted by KiyoshiHonestly that's the first time I heard about that, and to be honest I get a little annoyed if every other link opened a new tab when I don't mean to. I do middle-mouseclick a lot (which open links in new tabs) but I still want it to be up to me what the behavior is. It makes sense to create a separate window sometimes, but those are (relatively rare) cornercases. ____________________ AIM: gamefreak1337, MSN: Emil_sim@spray.se, XMPP: ailure@xmpp.kafuka.org, YouTube
|
knuck |
| ||
Normal User
Paragoomba Level: 21 Posts: 50/73 EXP: 42926 Next: 7017 Since: 01-03-12 Last post: 4541 days Last view: 4521 days |
Posted by AilureSame. Also it makes me think before clicking a link, when I suspect it might open in a new tab, I just middle-click it to open on the foreground. To smartasses: Don't care if there's any config or extension that will change this behavior. Muscle memory for the win. |
Kiyoshi |
| ||
Normal User
HEY HEY HEY STAY OUTTA MAH SHED Level: 65 Posts: 242/1016 EXP: 2228959 Next: 106669 Since: 01-02-12 Last post: 4625 days Last view: 4596 days |
In ABXD, <a href> and <embed> are filtered for security. There are [url] and [youtube] for that. I don't see the added value of HTML here.
<img> is not filtered, so you can still set an image width and height. ____________________ I don't give a flying feather |
Lili~ ♥ |
| ||
Normal User
Queen Lesbian of Kafuka Level: 161 Posts: 154/8412 EXP: 53081987 Next: 1031130 Since: 01-06-12 Last post: 2994 days Last view: 1516 days |
You lose the possibility of embedding MIDI or similar by filtering < |
Arisotura |
| ||
Developer
pancakes Level: 84 Posts: 50/1870 EXP: 5564148 Next: 97804 Since: 01-05-12 From: France Last post: 68 days Last view: 68 days |
Let your mouse over me
This is one potential advantage of HTML, among others. Also ____________________ Kuribo64 - melonDS want some revolution in your coffee? |
Epele |
| ||
Site Administrator
The Sorceress. Boing~ Level: 237 Posts: 230/20774 EXP: 206105375 Next: 1873559 Since: 01-01-12 From: UK Last post: 1082 days Last view: 1 hour |
Posted by Kiyoshi Filtering <a> tags makes not much sense considering a good deal of exploits are possible with an <img> tag. :/ The world could always use more heroes! |
Kiyoshi |
| ||
Normal User
HEY HEY HEY STAY OUTTA MAH SHED Level: 65 Posts: 243/1016 EXP: 2228959 Next: 106669 Since: 01-02-12 Last post: 4625 days Last view: 4596 days |
Posted by AilureI get rather annoyed if every link gets opened in the same tab when I don't mean to. I do middle-mouseclick a lot (which open links in new tabs) but I still want it to be up to me what the behavior is.Posted by KiyoshiI get a little annoyed if every other link opened a new tab when I don't mean to. I do middle-mouseclick a lot (which open links in new tabs) but I still want it to be up to me what the behavior is. It hardly makes sense to lose the post you were working on and let your tab be reused sometimes, but those are very rare cornercases. ____________________ I don't give a flying feather |
knuck |
| ||
Normal User
Paragoomba Level: 21 Posts: 51/73 EXP: 42926 Next: 7017 Since: 01-03-12 Last post: 4541 days Last view: 4521 days |
Posted by Mega-MarioThat could be replaced by title sub-attributes in the [ url ] tag. End-users shouldn't be dealing directly with HTML tags. What if it was a link to this? EDIT: Point is, with a bb tag it's easier to parse the link and disallow malicious actions. EDIT2: What if it was an img tag? |
Epele |
| ||
Site Administrator
The Sorceress. Boing~ Level: 237 Posts: 233/20774 EXP: 206105375 Next: 1873559 Since: 01-01-12 From: UK Last post: 1082 days Last view: 1 hour |
Posted by knuck the BB tags are mostly there for those who don't know about html.. or don't realise the board supports it. Or that's just how I see it. The world could always use more heroes! |
knuck |
| ||
Normal User
Paragoomba Level: 21 Posts: 52/73 EXP: 42926 Next: 7017 Since: 01-03-12 Last post: 4541 days Last view: 4521 days |
Posted by GywallI always saw Acmlmboard as potential real-world software, so for me allowing HTML as a security risk, among other things. Of course, Acmlmboard was coded by Acmlm just "for fun", with no intentions of ever having it as "real-world" software I believe. |
Arisotura |
| ||
Developer
pancakes Level: 84 Posts: 51/1870 EXP: 5564148 Next: 97804 Since: 01-05-12 From: France Last post: 68 days Last view: 68 days |
Okay, let's just go and nuke one of the great features unique to Acmlmboard for added security. Oh wait, users would find ways to hax the bbcodes. Let's just not allow anything other than plaintext so that we're not running any risk.
Seriously speaking, I'm all for keeping HTML as much open as we can. An Acmlmboard without HTML isn't an Acmlmboard. It's just yet another boring board software. ____________________ Kuribo64 - melonDS want some revolution in your coffee? |
Kiyoshi |
| ||
Normal User
HEY HEY HEY STAY OUTTA MAH SHED Level: 65 Posts: 244/1016 EXP: 2228959 Next: 106669 Since: 01-02-12 Last post: 4625 days Last view: 4596 days |
Posted by knuckI do remember a link filter though, maybe Kawa or Arisotura can clear up my confusion. I might be just confused with the <embed> tag.Posted by Mega-MarioThat could be replaced by title sub-attributes in the [ url ] tag. Edit: what you say is very true, Arisotura Can we go back on topic now? ____________________ I don't give a flying feather |
knuck |
| ||
Normal User
Paragoomba Level: 21 Posts: 53/73 EXP: 42926 Next: 7017 Since: 01-03-12 Last post: 4541 days Last view: 4521 days |
Posted by Mega-MarioYou clearly know nothing about compilers and parsing. You should really refrain from talking about technical stuff you know nothing about. Posted by Mega-Mario:lol: Posted by Mega-MarioWhat if we have bb codes for all the needed HTML? Woul you still want "FULL HTML SUPPORT"? It sounds like someone is looking for exploits... |
Arisotura |
| ||
Developer
pancakes Level: 84 Posts: 52/1870 EXP: 5564148 Next: 97804 Since: 01-05-12 From: France Last post: 68 days Last view: 68 days |
Posted by knuckPosted by Mega-MarioYou clearly know nothing about compilers and parsing. You should really refrain from talking about technical stuff you know nothing about. YOU do not know me enough to say that kind of stuff. I know what I'm talking about. I have been coding for ABXD since a good while now, in case you don't know. Also, I don't want 'full' HTML support. I said 'as much as open as we can', which doesn't mean 'full' but 'keep the most features possible while blocking out dangerous stuff'. Besides, cookie stealing on the AB2 branch is a loss of time unless you know the AES256 key that is used to encrypt them (or atleast that's how it was done on AB2.0a1, it may have changed since then). ____________________ Kuribo64 - melonDS want some revolution in your coffee? |
Lili~ ♥ |
| ||
Normal User
Queen Lesbian of Kafuka Level: 161 Posts: 157/8412 EXP: 53081987 Next: 1031130 Since: 01-06-12 Last post: 2994 days Last view: 1516 days |
Seriously, why can't you just leave everything as it is? After all, it's long been any sysadmin's mantra to never change a running system, and that for a good reason. It works, and that's the most important thing. |
knuck |
| ||
Normal User
Paragoomba Level: 21 Posts: 54/73 EXP: 42926 Next: 7017 Since: 01-03-12 Last post: 4541 days Last view: 4521 days |
Posted by LilianaTo be honest, that's an horrible example in this situation. But whatever either way, it's important to be able to use > and < I guess. |
Kawa |
| ||
Retired Staff
Not okay Prophet of Celestia Level: 94 Posts: 172/2423 EXP: 8209935 Next: 146722 Since: 01-01-12 From: The Netherlands Last post: 2268 days Last view: 583 days |
Gentlemen?
How about a setting? Allow <a href>, but only make external links open in a new tab as per the user's settings? Also, HTML > BBCode, but that's just my opinion and you don't need to share it. |
Main - AcmlmBoard II Software/Bug Report Forum - Netiquette (link behaviour) (2) |
Acmlmboard v2.5.6 (06/11/2024) © 2005-2024 Acmlm, Emuz, et al. |
MySQL - queries: 214, rows: 618/650, time: 0.077 seconds. |