search for: user_inputted_url

Displaying 1 result from an estimated 1 matches for "user_inputted_url".

2006 Mar 01
2
safe html links
Hi, I''m working on a web app that allows users to submit links to external sites. I''m curious if there are any special security considerations I should take aside from escaping the user input with h( )? Is it safe to directly link_to h(user_inputted_url), h(user_inputted_url) or could that be exploited in a way that I''m not thinking of. Thanks. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://wrath.rubyonrails.org/pipermail/rails/attachments/20060301/fadc828d/attachment.html