Live Helper Chat support forum.. Forum is locked. New place for questions - Github Discussions

You are not logged in.

Announcement

Pages: 1

#1 2014-11-12 02:26:29

_sta_
Member
Registered: 2014-11-12
Posts: 1

Code Injection Prevention

Hi,

Is there any measure to prevent code injections, sql and javascript injections for instance? As I can see from database, chat messages are not parsed, escaped and <script> tag is not stripped. Will it be vulnerable to code injections?

- ST

Offline

#2 2014-11-12 05:10:23

remdex
Administrator
From: Lithuania
Registered: 2012-09-23
Posts: 3,661
Website

Re: Code Injection Prevention

All protection is done during text output process. Messages are stored as user wrote them. So there is no risk of some injections.

Offline

Pages: 1

Board footer