Reputation: 161
How to create an independent HTML block?
I want to know if there is some way to create an independent HTML block .
For more explanation : My problem is that I have a webpage in which I allow some users can add content (may contain HTML & CSS ) I allow them to add their content inside a certain block , but sometimes their content may not be clean code , and may contain some DIVS with no end , Or even some DIV end with no starting DIV This sometimes distort my page completely
Is there any way to make their content displayed independently from my parent div , so that my div is first displayed well , and then the content inside it is displayed ?
I'm sorry for long message . Thanks for any trial to help
Upvotes: 0
Views: 1303
Answers (5)
Reputation: 943480
My problem is that I have a webpage in which I allow some users can add content (may contain HTML & CSS ) I allow them to add their content inside a certain block , but sometimes their content may not be clean code , and may contain some DIVS with no end , Or even some DIV end with no starting DIV This sometimes distort my page completely
If that is the problem you are trying to solve, then having some markup to say a chunk of code was independent wouldn't help: They might include the "End of independent section" code in the HTML.
If you want to put the code in a page, you need to parse it, sanitise it (using a whitelist) to remove anything potentially harmful and then generate clean markup from the DOM.
Upvotes: 4
Reputation: 1302
Okay, i belive there is something you can do, but it can require some time. You can use a parser to go through the users html, and get the tags and their content, and recreate the html making it clean.
But, as there are a lot of tags that can be used, or even invented tags, than you can limit the tags that the user are able to use in their html. You put a legend with the acceptable tags.
There are some pretty good html parsers for php, but they may break for some very bad html code, so this is why i suggest you just recreate it based on the parsing with a limited subset of acceptable tags.
I know it's a difficult/time consuming solution, but this is what i have in mind
Upvotes: 0
Reputation: 13275
The safest way is to restrict the tags they can submit, and validate/sanitize those that they do, similar to the way we can use markup on here.
Having unchecked HTML injected into your page is asking for trouble.
Failing that, good old iframe will do the trick.
Upvotes: 0
Reputation: 2775
you could use Static iframes. check this out http://www.samisite.com/test-csb2nf/id43.htm
Upvotes: 0
Reputation: 228162
sometimes their content may not be clean code , and may contain some DIVS with no end , Or even some DIV end with no starting DIV This sometimes distort my page completely
The easiest solution for you is going to be to add the submitted content to your page inside an <iframe>. That way, it doesn't matter if the submitted HTML is invalid.
If you have to worry about users possibly submitting malicious content (such as JavaScript), the problem becomes much harder: you need to sanitize the HTML. I can't tell you how to do this without knowing what server-side language you're using.
Upvotes: 4
Related Questions
- How do I create an iframe element and set the HTML of it dynamically?
- how to create iframe inside multiple tags using JavaScript?
- How to get a level of isolation for div similar to one iframe provides?
- Creating Multiple Iframes one by one
- Html/Css Transparent iframe
- Creating a Div inside an iframe
- how to split browser window
- Html and iFrames
- How to divide HTML into two distinct areas, as if using frames?
- CSS/HTML: How to simulate IFRAME with CSS?