The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
||||
|
||||
Avoid base64 image insertions
Seems like users at my site can post base64 images on posts through the WYSIWYG editor.
Anyone has developed something to avoid this huge data insertions ?? Quote:
|
#2
|
||||
|
||||
I would think the use of the attachment manager would prevent that "image" from even uploading. It should cause an error message that says something like, "not a recognized image format." It also would not be in the format of , it would have to be in [ attach]1234567[/attach].
If it is posted between tags, then you could prevent it by censoring the term base64. Adding that to the censored words list will break the image and cause either nothing to appear in some browsers or a red X to appear in others. |
#3
|
||||
|
||||
I wrote an article about this a few years ago - http://www.syndicatetheory.com/labs/...images-exploit
A plugin is included to show you how to prevent it. Cheers |
Благодарность от: | ||
ozzy47 |
#4
|
||||
|
||||
Excellent read Adrian.
|
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|