- Posts: 3
- Thank you received: 0
Kunena 7.0.4 Released
The Kunena team has announce the arrival of Kunena 7.0.4 [K 7.0.4] in stable which is now available for download as a native Joomla extension for J! 5.4.x/6.0.x. This version addresses most of the issues that were discovered in K 6.2 / K 6.3 / K 6.4 and issues discovered during the last development stages of K 7.0
Question [Merged topic] Dynamic images in Kunena
- Krümelbrot
-
Topic Author
- Offline
- New Member
-
- Krümelbrot
-
Topic Author
- Offline
- New Member
-
15 years 2 days ago #93711
by sozzled
Blue Eagle vs. Crypsis reference guide
Read my blog and
Replied by sozzled on topic Re: Dynamic image in signature
Any workaround will expose your site to be compromised. If you allowed scripted, on-the-fly images, you allow scripting. If you allow scripting you allow the possibility that anyone can hijack your site and you've lost control. So, if you want to allow script-injected exploits of your site, you can modify the open-source Kunena code to do these things. The standard Kunena source code prevents the exploit. The choice is yours.
I, personally, do not know what you need to change. I'm only aware of the risks and for me, personally, I'm not willing to jeopardise my sites or compromise my reputation (or the reputation of this great team of developers) by showing people how they let people crash their websites. If on-the-fly scripted images are an essential part of your business then there are plenty of forum alternatives that allow you the means to do those things. We also know that there are significant security concerns with those other forum alternatives because of those things.
I, personally, do not know what you need to change. I'm only aware of the risks and for me, personally, I'm not willing to jeopardise my sites or compromise my reputation (or the reputation of this great team of developers) by showing people how they let people crash their websites. If on-the-fly scripted images are an essential part of your business then there are plenty of forum alternatives that allow you the means to do those things. We also know that there are significant security concerns with those other forum alternatives because of those things.
Blue Eagle vs. Crypsis reference guide
Read my blog and
Please Log in or Create an account to join the conversation.
14 years 8 months ago - 14 years 8 months ago #104130
by vssmnn
Replied by vssmnn on topic "Dynamic" Images without Extensions
Is there any option to make them visible?
uk.advfn.com/p.php?pid=staticchart&s=ASX^MTE&p=0&t=1
Example Image-Source:
If I take an image tag, it does not work.
Or the code is changed after Submit as a Url
uk.advfn.com/p.php?pid=staticchart&s=ASX^MTE&p=0&t=1 ]
I wonder what else this switch is for in Backend configuration (BB-Code)
uk.advfn.com/p.php?pid=staticchart&s=ASX^MTE&p=0&t=1
Example Image-Source:
Code:
http://uk.advfn.com/p.php?pid=staticchart&s=ASX^MTE&p=0&t=1
If I take an image tag, it does not work.
Or the code is changed after Submit as a Url
uk.advfn.com/p.php?pid=staticchart&s=ASX^MTE&p=0&t=1 ]
uk.advfn.com/p.php?pid=staticchart &s=ASX^MTE&p=0&t=1
I wonder what else this switch is for in Backend configuration (BB-Code)
Last edit: 14 years 8 months ago by vssmnn.
Please Log in or Create an account to join the conversation.
Time to create page: 0.226 seconds