New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
unable to add images to register questions #3383
Comments
It is not a regression at all... it is safer right now after this change... anyway I see your point, maybe we can find another way. |
The easiest way that I see is to add a parser to render bbcode like with the normal post, it permit more dynamic in this option, like add images, different font type/size/position/weight. |
Feel free to open a pull request |
Using the parser would probably be the best option, the other option would be |
@aasjpvm - will you open a PR with fix? Parser would be the best way how to solve this. |
We can use this regular expression: to replace all html and keep img tag |
https://i.imgur.com/bQyvFcW.png |
I'd probably just hard code it. We don't need to support every option:
|
Yeah, I actually allowed all mycodes and img ones, still considering is video code is actually needed but most likely not. But for people when it is merged it would be nice to say exactly what they can use and what not in questions. For now I'll update my code with things I actually did and maybe soon create pull request. |
As previously mentioned, only admins can write security questions, why do we need to forbid html? If going with BB Code, why do we need to limit any tags at all? |
Consider iframe as security problem. If you add source from unknow place and it uses something weird, then you also have this on your registration form. But that's my point of view, and that's why I actually tried attaching here parser. |
The reason for limiting the ones I listed are:
@MinusPL video code probably isn't needed, but there might be somebody out there with a question like |
Then I'll enable it, but looking how it would be parsed, It could completely destroy any spacing in register form, but I'll test it ;) I'll also allow smilies, when we are giving people a way to actually customize more questions then smilies are needed :D |
see https://community.mybb.com/thread-219334-post-1312214.html#pid1312214; I'd consider HTML parsing for security questions controversial too as some might interpret that simply as a feature. Adding elements like IMO MyCode as a replacement sounds good. |
Also I ran to another issue - simply security questions might require more space in database now - considering that with MyCodes they could become pretty "big" in terms of text data I ran twice to an error saying that my question is too big. |
Added parser for security questions at lines 1221 to 1237.
After mybb 1815 release, the security questions enable to add html, I use it to add images in the questions, if it was by security reasons, will be a good feature to add bbcode support instead of html, to support the image questions:
Before 1815:
After 1815:
The code added was:
The text was updated successfully, but these errors were encountered: