Re: Re: Displaying HTML safely

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dotan Cohen wrote:
On 7/16/05, Lauri Harpf <svr.tuomas@xxxxxxxxxxx> wrote:
I've been thinking of limiting this problem by preventing the direct
displaying of the code (ie. only allowing "Save As.." for the link to the
user-submitted HTML). I guess a bit of JS could prevent accidental
left-clicking on the link. I've also been thinking of passing a special
header for the HTML source code file, "Content-type:
application/octet-stream" to suggest downloading rather than displaying the
contents, but IE seems to just ignore it and display the HTML anyhow.

Something like this (you might like to check the syntax, I'm working from memory here) might work:

header('Content-Disposition: attachment; filename=somefile.html');

Forgot trying to work around IE. The browser is broken. It is
non-standard. It's bugs are not fixed. The more you bang your head
against the wall trying to fix what is Microsoft's responsibility to
fix, the less reason people will have to switch to a non-broken
browser (or OS!). Let them use a standards-compliant web browser.

If only we lived in such a perfect world... remember that the majority of web users use IE, so unless you enjoy shutting out the majority of your customers, we do need to work around it.

Let's not get this thread OT though.

Jasper

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux