Is there any function I could use for URLs fields that checks for the scheme of the URL to avoid URLs with 'javascript'? We don't want users to execute unbeknownst scripts on our site now don't we?

Comments

alfaguru’s picture

alfaguru’s picture

Also look at drupal_strip_dangerous_protocols().