Writing a web dev blog

31 views
Skip to first unread message

si...@simonchampion.net

unread,
Apr 1, 2013, 1:52:52 PM4/1/13
to habari...@googlegroups.com
Hi.

I'm new to Habari. I'm setting up a blog where I'm writing about web development. I've installed the markdown plugin because I want to post code snippets and the markdown syntax is a lot easier to work with than HTML.

Everything is looking good and working well, except for one small thing...

I've been testing out my blog with a few sample entries, and I've encountered a problem: I'm blocked from posting certain HTML and Javascript keywords, presumably as an anti-hacking measure.

For example, lets say I want to write about adding a message box popup when you enter data into an HTML form. I might want to include references to an `<input>` field and the `alert()` function (note I've wrapped those strings in backticks as per the markdown syntax for an inline code element. Both of these strings are blocked; having either of them in my code results in a 403 Forbidden error. I can't work around it using entities either.

I understand the need to prevent malicious input, but this kind of thing is fairly key to what I want to post about. I'd rather it was simply escaped properly and allowed through.

Is there an easy way around this? Or is there anything else I can do about it? I couldn't find a config setting for it. Would any of the other markup options make it easier for me?

Thanks for any feedback on this.

Regards,


   Simon C.

Chris Meller

unread,
Apr 1, 2013, 2:21:11 PM4/1/13
to Habari Users
That actually sounds like something your web host must be doing. They probably have some complex mod_security rules setup for Apache to prevent sites their users host from being compromised. Habari should allow you to stick just about anything in the post body.

Take a look at your hosting control panel and see if there's any user-available option about additional security, mod_security, something along those lines. If you can't find anything, you'll need to have a chat with your hosting company.



--
--
To post to this group, send email to habari...@googlegroups.com
To unsubscribe from this group, send email to habari-users...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/habari-users
---
You received this message because you are subscribed to the Google Groups "habari-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to habari-users...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

si...@simonchampion.net

unread,
Apr 1, 2013, 5:14:32 PM4/1/13
to habari...@googlegroups.com
Hmm. That sounds plausible. Annoying but plausible.

It also explains that I didn't find anything in the Habari code that would have caused it.

Thank you. I'll try to work out what to do next.
Reply all
Reply to author
Forward
0 new messages