Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

What are the risks of accepting dynamic content (i.e. running javascript) from a profile owner?

accepting content Dynamic Javascript owner profile running
0
10 Posted

What are the risks of accepting dynamic content (i.e. running javascript) from a profile owner?

0 CommentsAdd a Comment

1 Answer

0
10

Although such content is common on the internet and is likely harmless, there is a possibility that security risks may be involved. For example, a cross-site scripting attack might allow the profile owner to gain unauthorized access to the viewer’s ProZ.com account. (See this cross-site scripting article on Wikipedia for details.) Because of this potential security risk, user-supplied dynamic content is only enabled in profile pages when the viewer has given permission.

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123