Re: If I owned Wikidot

Post Preview

postName: ''
postComment: "Agreed. I'm still mixed on the issue of placing user-definable raw HTML into pages. The way Wikidot works at the moment (with its AJAX interface) makes it vulnerable whenever it comes to raw HTML in the *.wikidot.com and any custom domains. It puts Wikidot in a hard position, to judge if the code is a security threat.\nI could easily create a service… let's say a JS powered plugin for a \"like\" function. An embed code could be <script type=\"text/javascript\" src=\"http://wdlike.com/embedjs?site=www&page=start\"></script> (this is all fictional, btw). Wikidot could go to the site to see if it's legit at that present moment. Once the plugin gets approved, I could easily change it into some rouge code which changes the user's email address and passwords and make it post dozens of spam posts on any forum on any Wikidot site.\nI do think that Twitter, Google and Facebook can be trusted. But it does put Wikidot in a tough position when \"approving\" plugins."

rating: 0+x
This is the Redirect module that redirects the browser directly to the "http://snippets.wdfiles.com/local--code/code:url-title-with-slash-redirect/2#http://css3.wikidot.com/blog:if-i-owned-wikidot" page.
Site design © BMC WebDesign, 2011. All rights reserved. All tutorials on this site are free for commerical use, subject to conditions outlined in the disclaimer.