Cael added a record in IP.BoardStrange handling of code tagsThere are a couple of strange things happening to code tags, including html and php tags. I think I may have just found another potential XSS vector, but I could be wrong.
First off: if I click the [img]http://content.community.invisionpower.com/public/js/3rd_party/ckeditor/plugins/ipsbbcode/images/ips_bbcode.png[/img] icon in the wysiwyg editor, select 'code', 'php' or 'html', and input something, what I input will be parsed rather than displayed in the editor. For instance, if I input HTML to display an image, the editor will display the image, rather than the HTML to display that image. Switching between the wysiwyg and non-wysiwyg editors a few times will further screw the code up.
If I then post it, it won't be parsed, but converted to bbcode (sometimes badly). It's generally broken in a large number of ways.
Secondly: if I post a link inside code tags, that link will be shortened as per IPB's usual url shortening system thingy. This can break the code inside the code tags, and I think it'd be nice to disable it altogether for code tags.
[html]<img src='http://content.community.invisionpower.com/public/js/3rd_party/ckeditor/plugins/ipsbbcode/images/ips_bbcode.png' /> [/html]
I think a way to post private bug reports would be nice too, for potential XSS exploits for instance. Just a suggestion.
- 0 replies
- 0 views
Sometimes a web designer. Sometimes Batman. Other times, a lurker with an IP.Board license.