Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
We have some code that removes “dangerous” attributes and tags from HTML. I noticed that style is among the list of “dangerous” attributes. What could be the risk from that attribute?
It’s possible to make things that are invisible or otherwise very deceptive using style sheets. For example, you could put a giant, invisible anchor link over the whole page so that when the user clicks on something, he’s taken to an identical page on a server in Russia.