Hi All,
I have a need to create a web application which allows the user to design a web page using a web based [COLOR=DarkRed]wysiwyg
If you type [COLOR=SeaGreen]<script…>alert(“Hello”)</script>[COLOR=SeaGreen]location.href=(“<url>”)
My plan is to allow the user to enter anything they want, but on submission of the page I want to search for any potentially malicious Javascript commands and if they are found, then I will not allow the HTML to be saved. Javascript isn’t my area of expertize (I am a DBA really), so I need to know what javascript keywords I should look for ([COLOR=SeaGreen]location.href [COLOR=SeaGreen]alert
In addition to the keywords I require, any other comments opinions would be very welcome.
Kind regards,
Martin