Quote:
Originally posted by HQ
Blocking java.script in the subject line is unnecessary, can we get a fix to this?)
|
Actually, a JS injection attack can occur in the message field, profile, sig etc. or the subject line...
What would be better is a RegEx Replace Method.
Just get the real junk out.
I'm sure some of the GFY crew could whip some checking up if they really wanted to.
I sort of like the hahaha though.