[pmwiki-users] Form Input missing 4 types !!!!
JB
jbit at ev1.net
Mon Aug 28 10:54:14 CDT 2006
> > If the input type "button" is a security risk then are not
> > the other input types - submit, reset, checkbox, radiobutton
> > also secutiry risks?
>
> No, because PmWiki doesn't provide any way for an author to
> add an "onClick" attribute to those button types.
OOOOOOOH!
The documentation at http://www.pmwiki.org/wiki/Cookbook/Forms
is incorrect then because it says:
(:input type name value option=value:)
...options are used to specify additional attributes to the
control.
> > 1) calling a function only from the current url directory ()
>
> As far as I know, it's not possible to restrict JavaScript functions
> based on their source.
Well, yes it could, analyze the code inside the quotes and if it
references something outside the current url then don't output
it to the html. It would take some coding, I could probably do
it, but it is a moot point because you do not allow event
attributes on any input controls.
More information about the pmwiki-users
mailing list