MoB Dudditz MD
03-31-2007, 02:44 PM
I wanted to provide a webmail login for the staff at our board so I created
an XML menu that displays in the adminCP.
It was much easier to simply provide an external url for the email FAQ
but I didnt know the security involved in doing so.
This is how my admin menu is coded:
<navgroups product="vbulletin">
<navgroup phrase="*****" permissions="*****" hr="true" displayorder="1">
<navoption displayorder="1">
<phrase>log_in</phrase>
<link>http://webmail.*****.com</link>
</navoption>
<navoption displayorder="2">
<phrase>faq</phrase>
<link>http://faq.*****.com/e_mail/webmail_/index.html</link>
</navoption>
<navoption displayorder="3">
<phrase>*****</phrase>
<link>http://faq.*****.com/e_mail/setting_up_email/index.html</link>
</navoption>
</navgroup>
</navgroups>
~please ignore the asterisks.~
Does anyone know if there is a security risk with providing external urls within the adminCP?
an XML menu that displays in the adminCP.
It was much easier to simply provide an external url for the email FAQ
but I didnt know the security involved in doing so.
This is how my admin menu is coded:
<navgroups product="vbulletin">
<navgroup phrase="*****" permissions="*****" hr="true" displayorder="1">
<navoption displayorder="1">
<phrase>log_in</phrase>
<link>http://webmail.*****.com</link>
</navoption>
<navoption displayorder="2">
<phrase>faq</phrase>
<link>http://faq.*****.com/e_mail/webmail_/index.html</link>
</navoption>
<navoption displayorder="3">
<phrase>*****</phrase>
<link>http://faq.*****.com/e_mail/setting_up_email/index.html</link>
</navoption>
</navgroup>
</navgroups>
~please ignore the asterisks.~
Does anyone know if there is a security risk with providing external urls within the adminCP?