+- MyBB Community Forums (https://community.mybb.com)
+-- Forum: Resources (https://community.mybb.com/forum-8.html)
+--- Forum: MyCodes (https://community.mybb.com/forum-117.html)
+--- Thread: Break (/thread-149605.html)
Break - Smite - 2014-01-04
Title:
Break
Short Description:
Embed videos from Break.Com
Regular Expression:
\[break\][a-zA-Z0-9]\[/break\]
Replacement:
<iframe width="464" height="290" src="http://www.break.com/embed/$1" allowfullscreen="" frameborder="0" scrolling="no"></iframe>
RE: Break - JordanMussi - 2014-01-04
MyCode
[break]"></iframe><iframe src="http://malicious-site.com/[/break]Output
<iframe width="464" height="290" src="http://www.break.com/embed/"></iframe><iframe src="http://malicious-site.com/" allowfullscreen="" frameborder="0" scrolling="no"></iframe>Using
(.*?) can allow anything to be accepted, leaving a site vulnerable to XSS. Using a regular expression like [a-zA-Z0-9], will allow the lower case alphabet, upper case alphabet and the numbers 0-9.Suggested regular expression
\[break\][a-zA-Z0-9]\[/break\]You should also apply this to your other threads:
http://community.mybb.com/thread-149604.html
http://community.mybb.com/thread-149606.html
http://community.mybb.com/thread-149607.html
RE: Break - Smite - 2014-01-04
(2014-01-04, 10:22 AM)JordanMussi Wrote: MyCode
[break]"></iframe><iframe src="http://malicious-site.com/[/break]
Output
<iframe width="464" height="290" src="http://www.break.com/embed/"></iframe><iframe src="http://malicious-site.com/" allowfullscreen="" frameborder="0" scrolling="no"></iframe>
Using(.*?)can allow anything to be accepted, leaving a site vulnerable to XSS. Using a regular expression like[a-zA-Z0-9], will allow the lower case alphabet, upper case alphabet and the numbers 0-9.
Suggested regular expression
\[break\][a-zA-Z0-9]\[/break\]
You should also apply this to your other threads:
http://community.mybb.com/thread-149604.html
http://community.mybb.com/thread-149606.html
http://community.mybb.com/thread-149607.html
Will do, thanks
