needsomehelp
10-30-2012, 10:02 AM
I have just found a bug in my code that allows members to add in some javascript to their profiles and this is being executed when their profiles are being viewed by other members.
after doing a simple test like so myself, i see that the JS is being stored so it functions normally when viewed.
<script language='JavaScript'>
alert('hello');
</script>
How do I stop the JS from running but instead allow it to show as text instead. the profile field they fill out should not have JS at all, but only just came to light that this problem exists!
Any help on this would be much appreciated.
after doing a simple test like so myself, i see that the JS is being stored so it functions normally when viewed.
<script language='JavaScript'>
alert('hello');
</script>
How do I stop the JS from running but instead allow it to show as text instead. the profile field they fill out should not have JS at all, but only just came to light that this problem exists!
Any help on this would be much appreciated.