[pmwiki-users] Nifty css/php trick, but is it safe?
carlos.ab at gmail.com
carlos.ab at gmail.com
Fri Nov 30 12:29:34 CST 2007
Em Sexta 30 Novembro 2007 13:43, Tegan Dowling escreveu:
> Ancilary questions:
> Can anyone offer any improvements, or suggest whether this would or
> would not make a good cookbook recipe? If I put it in, what should I
> call it? Should I treat the .htaccess line that enables php in css as
> a separate recipe from the use of re-usable names for colors in the
> skin?
Thinking a little bit more, It can be a problem if you let people upload css
files with malicious code inside it and even let people upload css files to
be used with a skin.tmpl file, because one can use javascript and expressions
within css that can affect browsers such as MSIE an maybe others.
CarlosAB
More information about the pmwiki-users
mailing list