AnsweredAssumed Answered

Prevent iframe url injection

Question asked by BijKluit on Dec 25, 2017
Latest reply on Jan 9, 2018 by Mark_HE

A user can inject code in an url to our forum. The discussion board uses iframes and the following exposes a thread:

https://10.10.10.1/forum#!https://10.10.10.20:8080

Not knowing up front each possible endpoint url because of the dynamic nature or a forum, what is the best way to prevent these injections?

Outcomes