English Image Boards (854)

680 Name: !WAHa.06x36 : 2009-03-11 11:24 ID:Heaven [Del]

>>676,678

This leaves you wide open to XSS attacks. Posting something like this will mess up your board:

<object></object><a style="position:absolute;left:0;top:0;width:1000px;height:1000px" onmouseover="document.location='http://www.google.com/'">Test</a>

You either have to stop all HTML, or you have to parse it by hand and pick out only the parts that are safe, which is very hard to get right.

Name: Link:
Leave these fields empty (spam trap):
More options...
Verification: