Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Will there be any problem like cross site scripting if I make a provision for storing an individual’s javascript code in a column of a mysql database?
Suppose if twitter has a mysql database, and it allows users to display their own Google Adsense ads in their own profiles by giving them an option to upload their own javascript code into their database. Is it fatal for a database?
Yes, you can, but it is a bad idea, as you have no control over what kind of scripts are included.
The better idea i to allow users to insert their Google AdSense identifiers within separate field and tell them you will insert JS snippet for them. Just make sure that identifier contains only chars that are allowed in such identifier, no JS code or HTML tags allowed.