Free Republic
Browse · Search
News/Activism
Topics · Post Article

To: Benoit Baldwin
  1. Thanks. I agree.
  2. Tables were my first choice. Very large images or strings of text stretch the width of the table beyond the right edge of the screen. I originally had the whole thread in one table, but the first large image or long URL destroyed the right margin. I then put each reply in a table to localize the screw-up, but it was still a screw-up. I discovered that BLOCKQUOTE does the right thing with the margin, it allows an image outside of it's right margin but contains what it can.
  3. I prohibit style because I haven't yet written a style filter to block the positioning bomb. I also want to filter style because I don't know when in the future some browser will stuff executable code in style sheets. My focus is to disallow executable code. (JavaScript etc.)
  4. Didn't realize browsers could choose their own style sheets. Hrm.
  5. I agree, hijacking EM was a bad idea. It was the closest tag I could find for highlighting. I reversed it, will add a class to replace the missing functionality of background-color.
From a security stand-point, I may not know when a user is using HTML in an unsecure fashion. In particular, I refer to JavaScript and the security of your identity cookie. If that cookie is hijacked, someone can become you. The destruction would be limited if a normal user's account was hijacked, but Jim and myself have a great deal of access to the system. It would be a bad idea if someone got our cookies.

I filter HTML because the next version of the forum software will be more sensative to ill-formated HTML. Replies may be displayed out of order, and a follow-up close tag may not be shown at all.

I don't believe there is another forum on the Internet where posters have as much freedom of expression as here on Free Republic. I think I'm doing a very good job of balancing freedom of expression and system security. The later of which had been horribly lax for too, too long.

56 posted on 09/28/2001 10:55:41 PM PDT by John Robinson
[ Post Reply | Private Reply | To 46 | View Replies ]


To: John Robinson

>I don't believe there is another forum on the Internet
>where posters have as much freedom of expression as here 
>on Free Republic. 

There is not, to my knowledge, either.


>I think I'm doing a very good job of balancing freedom of
>expression and system security.

You are.

Thanks.

I am just a stickler for the rules, that's all. Using an element of structure--BLOCKQUOTE--to impose an element of style--paragraph widths--runs counter to the vision of the W3C. Unfortunately, due to the ignorance/stupidity/laziness of browser vendors in regards to comprehensively implementing the W3C's standards, we are forced into using workarounds to ensure compatibility--like using tables for layout. I posted my template here, in case anyone should find it useful.

I retract my earlier assessment of server side personal style sheets--it is a Very Good Idea, as it is an enhancement of personal freedom.

94 posted on 09/30/2001 9:04:46 AM PDT by Benoit Baldwin
[ Post Reply | Private Reply | To 56 | View Replies ]

Free Republic
Browse · Search
News/Activism
Topics · Post Article


FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson