«
»

I added some potentially dangerous code to automatically turn code examples (things in <code> elements with class demo into actual HTML or javascript that are added to the post. The javascript part works; I used it in the last post; here's testing the HTML insertion:


  <div style="background: purple; margin: 2px">This is a test</div>

And more testing:


  <div style="background: #080; margin: 2px">This is a test</div>

This entry was posted by Danny on August 14, 2008 at 9:00 pm under jQuery, Web Design. You can leave a response, or trackback from your own site. Follow any responses to this entry through the RSS 2.0 feed.

One Comment

  1. Danny says:


    <div style="border: 5px solid blue">Trying XSS by inserting in comments should fail</div>
    August 14, 2008, 9:17 pm

Leave a Reply


Warning: Undefined variable $user_ID in /home/public/blog/wp-content/themes/evanescence/comments.php on line 75