M
msasha
Hi all.
I'm trying to parse some HTML received from an untrusted remote source.
What I've been trying so far is something along the lines of:
var htmlString =
"<script language=\"text/javascript\">alert(\"Hello\");</script>" +
"<img src=\"http://www.jinchess.com/chessboard/?pos=Ra6\">";
var div = $doc.createElement('div');
div.innerHTML = htmlString;
and then traverse elem's children via the DOM. Fortunately, any scripts
in the HTML are not run. Unfortunately, both Firefox and IE insist on
loading any images referenced in the HTML although I'm not adding elem
into anything. This is not acceptable because I don't want to be
webbugged.
Note that I don't have a server-side component to delegate this
procedure to...
Please help.
Thanks,
Alexander (aka Sasha) Maryanovsky.
I'm trying to parse some HTML received from an untrusted remote source.
What I've been trying so far is something along the lines of:
var htmlString =
"<script language=\"text/javascript\">alert(\"Hello\");</script>" +
"<img src=\"http://www.jinchess.com/chessboard/?pos=Ra6\">";
var div = $doc.createElement('div');
div.innerHTML = htmlString;
and then traverse elem's children via the DOM. Fortunately, any scripts
in the HTML are not run. Unfortunately, both Firefox and IE insist on
loading any images referenced in the HTML although I'm not adding elem
into anything. This is not acceptable because I don't want to be
webbugged.
Note that I don't have a server-side component to delegate this
procedure to...
Please help.
Thanks,
Alexander (aka Sasha) Maryanovsky.