My webpage has the php extension, but there is no php code in it. There is handsontable
and user would insert some numbers and get some cool JS
effects on the same page. When I was writing the code for comments, I used strip_tags
as a protection, but that was working for PHP
. Now , I am curious if there is any danger leaving handsontable
as it is?
XSS可以用handontable而不用PHP吗?
- 写回答
- 好问题 0 提建议
- 追加酬金
- 关注问题
- 邀请回答
-
1条回答 默认 最新
- drvvvuyia15070493 2013-05-14 04:55关注
Well the question is, can a visitor alter the content in a way that another visitor will load something to their browser that was not intended by developers. If it's purely client side and if you do not accept any user inputs, I think its pretty safe. If you have any unused php scripts, remove them.
本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏 举报
悬赏问题
- ¥50 如何用脚本实现输入法的热键设置
- ¥20 我想使用一些网络协议或者部分协议也行,主要想实现类似于traceroute的一定步长内的路由拓扑功能
- ¥30 深度学习,前后端连接
- ¥15 孟德尔随机化结果不一致
- ¥15 apm2.8飞控罗盘bad health,加速度计校准失败
- ¥15 求解O-S方程的特征值问题给出边界层布拉休斯平行流的中性曲线
- ¥15 谁有desed数据集呀
- ¥20 手写数字识别运行c仿真时,程序报错错误代码sim211-100
- ¥15 关于#hadoop#的问题
- ¥15 (标签-Python|关键词-socket)