Philipp_Stadler
Jan 21, 2015Nimbostratus
Handling of HTML editors
Hi all,
I've a question regarding HTML editors in multiple CMS. If we want attack signatures and/or parameter meta-char checking we constantly see violations because of different html-,... tags included in HTML-Editor as a POST parameter. (i.e. changing article information as an authorized user) We have this issue on multiple CMS and didn't really know how to fix this issue in a proper way. At the moment I turn off meta-chars and signatures checks for such parameters. - is there a good/better way without having excessive work?
Thanks in advance, Philipp