Menu
Hello,
On my site I am allowing users to post HTML and I’m in the planning phase.
I’m already written REGEX to get rid of <script> and <frame> tags, but I have ran into a problem regarding <embed> it seems as though in browsers such as chrome <embed> acts like an <iframe> tag.
The problem is that with this sort of behavior users may link to potentially harmful sites like infinite alert boxes ect.
How will I bee able to make sure users don’t embed websites instead of flash?
Alternate Question:
Also if I do allow users to include websites, how could I disable alert boxes?