Safe Use of Input Formats

Drupal's Input Formats provide a variety of benefits. They can be used to enhance the functionality of your site but one of the main purposes is to ensure that data entered on your site is safe for site visitors. For example, if you allow anonymous commenting with "Full HTML" input format, a visitor could add an inappropriate image or malicious JavaScript code capable of changing your password on the site.

The default input format configurations and permissions are safe. There are a few things you may change which can make them unsafe:

  1. Adding tags to input filters: be especially careful about which roles are allowed to use the SCRIPT, IMG, IFRAME, EMBED, OBJECT, INPUT, LINK, STYLE, META, FRAMESET, DIV, BASE, TABLE, TR, and TD tags.
  2. Re-arranging the order of filters: especially for untrusted users (anonymous users, or those with low-level roles), you will want the HTML Filter to run at the end of the set of filters, so that any markup produced by an earlier filter is still checked.
  3. Changing permissions on filters: you should only allow advanced tags (item 1 above) and "Full HTML" for registered users that you trust.
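The following is an added example, not code from Drupal or from this page, that models items 1 and 2 above in a few lines of Python: a simplified allowlist HTML filter and a hypothetical markup-generating filter (a BBCode-style `[img]` converter) run in two different orders. The tag allowlist, the `[img]` syntax and the sample input are all constructed for the illustration; a real Drupal filter also validates attributes and URL schemes, which this model skips.

```python
import re

# Constructed allowlist of tags a low-trust (e.g. anonymous) role may use.
# It is deliberately small: IMG, SCRIPT, IFRAME, STYLE and similar are absent.
SAFE_TAGS = frozenset({"a", "em", "strong", "p", "ul", "ol", "li", "br", "code"})

# Matches one opening or closing tag; captures the optional slash and the tag name.
TAG_RE = re.compile(r"<\s*(/?)\s*([a-zA-Z][a-zA-Z0-9]*)[^>]*>")


def html_filter(text, allowed=SAFE_TAGS):
    """Simplified model of an allowlist HTML filter: tags outside the allowlist
    are removed (their inner text is kept) and all attributes are dropped.
    A production filter also checks attributes and URL schemes."""
    def keep_or_drop(match):
        closing, name = match.group(1), match.group(2).lower()
        return f"<{closing}{name}>" if name in allowed else ""
    return TAG_RE.sub(keep_or_drop, text)


def bbcode_filter(text):
    """Hypothetical markup-generating filter: turns [img]URL[/img] into <img>.
    Any filter that emits HTML must run *before* the HTML filter."""
    return re.sub(r"\[img\]([^\[\]]*)\[/img\]", r'<img src="\1">', text)


def render(text, filters):
    """Run the text through the filters in the configured order."""
    for f in filters:
        text = f(text)
    return text


# Constructed sample comment from an untrusted user.
SAMPLE = "<p>Hello</p><script>alert(1)</script>[img]http://example.invalid/x.png[/img]"


def safe_order():
    # HTML filter last: the <img> produced by bbcode_filter is still checked
    # against the allowlist and removed.
    return render(SAMPLE, [bbcode_filter, html_filter])


def unsafe_order():
    # HTML filter first: bbcode_filter later emits an <img> that nothing checks,
    # so a tag the role was never allowed reaches the page.
    return render(SAMPLE, [html_filter, bbcode_filter])


if __name__ == "__main__":
    print("safe:  ", safe_order())
    print("unsafe:", unsafe_order())
```

Running it shows the same input yielding `<p>Hello</p>alert(1)` in the safe order and `<p>Hello</p>alert(1)<img src="http://example.invalid/x.png">` in the unsafe order: the allowlist is identical in both cases, and only the filter order decides whether the disallowed tag survives.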

While it is tempting, especially when using WYSIWYG editors, to enable more tags for anonymous users or to allow "Full HTML", this will lead to an unsafe site. It is then only a matter of time and luck until your site is either compromised or used to attack another site.


Drupal is a registered trademark of Dries Buytaert.