only was it,
Expression Engine is my CMS version 2.0
This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.
The active forums are here.
May 18, 2012 2:22pm
Subscribe [2]#1 / May 18, 2012 2:22pm
only was it,
Expression Engine is my CMS version 2.0
#2 / May 18, 2012 3:05pm
The question is a bit vague but I’ll do my best to assist.
From a security standpoint, outputting base64 encoded images shouldn’t be a problem.
In fact, there is a popular image resizing add-on called ce_img that supports outputting base64 encoded images.
http://www.causingeffect.com/software/expressionengine/ce-image/user-guide/variables
Can be purchased here:
http://devot-ee.com/add-ons/ce-image for $15 USD
#3 / May 18, 2012 3:16pm
I do not need the plugin, I’ve made my own base64 encoder, I was also informed of the safety problem with the images in base64 and xss filter of expression engine.
as I read all the files “uploaded to the server” using the site passes the xss filter so there should be no problem, but I had my doubts.
#4 / May 21, 2012 3:35am
I’ve noticed that many times, instead of referring to how to fix or build what is needed is referred to some plugin or extension, does not happen only here but also in the forums of expression linkedin engine, it seems that only they were to buy the best toy.
#5 / May 21, 2012 12:21pm
Hi Pablo,
as I read all the files “uploaded to the server” using the site passes the xss filter so there should be no problem, but I had my doubts.
What you read is true and we take security very seriously. If you haven’t disabled XSS filtering, then you should not worry too much about the safety of the files you upload. Any steps you take to make it more secure is completely up to you.
I’ve noticed that many times, instead of referring to how to fix or build what is needed is referred to some plugin or extension, does not happen only here but also in the forums of expression linkedin engine, it seems that only they were to buy the best toy.
Indeed. One of ExpressionEngine greatest strengths is the add-on Community that has been built around it! It is impossible to make every possible feature available in the Core of ExpressionEngine, but the add-on developers fill the gaps nicely. Several of them add incredible value to ExpressionEngine!
Is there anything else I can assist you with?
Cheers,
#6 / May 21, 2012 12:35pm
No thanks,
no gracias, yo quiero aclarar que yo me he referido al asunto de los plugin por que me gusta desarrollar las cosas yo mismo, indudablemente no cuestiono la utilidad y a veces indispensabilidad de los plugin.
un saludo y muchas gracias.
sorry google does not translate correctly
i search this, thanks.
http://ellislab.com/expressionengine/user-guide/development/guidelines/security.html
$ Cadena = $ this-> EE-> Seguridad-> xss_clean ($ str);
#7 / May 24, 2012 3:59pm
Hi Pablo,
Excellent!
If you need anything else, just let us know!
Cheers,