Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Try Vanilla Forums Cloud product

Ready to contribute?

Amazing! Sign our contributors' agreement and then join us on GitHub.

Update for critical security issue in PHPMailer included in release Vanilla 2.3.1

Links - Best Practice w/ Embeded Forum

donovanbdonovanb New
edited June 13 in Vanilla 2.3 Help

Hello!

Okay, I have a question about allowing links when using the embed feature. The main issue is that, if not correctly entered, links can embed entire forum site into the iFrame, perhaps endlessly.

I have allowed HTML and Markdown... so I can do links like:
[here ](/forum#/categories/editor "here ")
or
<a href="http://www.yourdomain.com/subscribe" class="btn btn-link" >LINK</a>
or
<a href="/forum#/categories/member-off-topic" class="btn btn-link" target="_parent">here</a>

So, for example, this link:
<a href="/forum#/categories/member-off-topic" >here</a>

Will embed the entire site. Changing the above to:
<a href="/forum#/categories/member-off-topic" target="_parent">here</a>

will correct the link to parent... however, then any links to that page also have to call parent in order to work.

Instead, all calls could be hard coded:
<a href="http://www.yourdomain.com/subscribe" >LINK</a>

This "fixes" any embed issues... but what if you have a dev site that you practice with.. dev.yourdomain.com.. then it's annoying to hard code links because none of them work when in dev.

What's your guys solution for this problem.. I want to make it easy for users to add links in their posts that just simply work and don't cause problems. The only thing I have come up with that seems reliable is to require the FQDN in links. They won't work in Dev, but maybe that is Okay.

Thanks!
Donovan

Comments

  • Well, my solution was to switch the advanced editor to BBCODE.. which basically disables HTML.. which I think works in my particular situation.

  • This doesn't fix the situation for me. Everytime you embed link in a post on my forum, regardless of the advanced editor settings or coding language used, you end up with a broken path that leads you to currentdiscussion.com/"posted link".

    I've tried changing advanced editor to Markdown, BB Code, and HTML, and the bug exists for all of them. Where do I find the necessary code to change this broken path?

  • A broken path is a different issue than link destinations being embedded. I suggest you start a new thread with your question, or do more searching.

  • vrijvlindervrijvlinder Papillon-Sauvage MVP

    If what you want is to make all links open in the parent window, you can use jQuery to add the target = _parent to all links that are posted .

        jQuery(document).ready(function($){
        $( "a" ).attr( "target", "_parent" );
        });
    

    If you want to only affect the links in the comments,

     jQuery(document).ready(function($){
        $( ".Comment a" ).attr( "target", "_parent" );
        });
    
  • vrijvlinder.. that's a "why didn't I think of that" moment... Good idea.

    Donovan

    @vrijvlinder said:
    If what you want is to make all links open in the parent window, you can use jQuery to add the target = _parent to all links that are posted .

        jQuery(document).ready(function($){
        $( "a" ).attr( "target", "_parent" );
        });
    

    If you want to only affect the links in the comments,

     jQuery(document).ready(function($){
        $( ".Comment a" ).attr( "target", "_parent" );
        });
    
    vrijvlinder
Sign In or Register to comment.