User talk:Secundinogarcia

your extension
Hi. Just a heads up your extension (Extension:Document UNCified) has a security vulnrability in it (specificly XSS). For example try: ' onmouseover='alert("This could alternatively load an arbitrary script, vandalize pages/pretty much do anything")' ' 

Then when you mouseover the link arbitrary js is executed. This is bad (but probably not too hard to fix). Cheers. Bawolff 22:19, 23 October 2010 (UTC)

Using Regular Expressions in the function that returns the URI to use, I delete all HTML events inserted for the user on the tag. The example that you give me was very useful, thanx. --Secundinogarcia 23:57, 26 October 2010 (UTC)