1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Prevent a user from dragging and dropping images into the editor from their desktop

Discussion in 'Closed Suggestions' started by Jesepi, Aug 30, 2011.

  1. Jesepi

    Jesepi Well-Known Member

    I had a user attempt to attach an image to a thread by simply dragging and dropping the image into the editor. The problem with that is, it doesn't show up but it still prints out the binary data of the image into the post, ie:

    yourforumurl.tld/community/data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAeAAAAFsCAIAAACbxP1hAAAgAElEQVR4nOy9d3Rb55X2q3zjjJuKSbEXsVNULy6yI8ex49gZ23HiEvcSx7ItWbJkSbZkWdVW772Qoth7A3tvIEBUogMECIAgARAg0ctBP23fPyAqnoy/WeuuOzPK5OpZ7+IiKULAOgB+2Od5n73PnMphbcmg8iqFdaq0a/vx/Dc37Xv1kx0vvrf5nc37Pt11/K1N3736ybYv[...and so forth....]
    And in this case, that particular image is over 500,000 characters in length. This post made the html of the page it was on over half a meg in size.

    In addition to the above, I was not able to edit the post in question. The editor simply returned a blank text box with nothing in it. Only directly accessing the post record via a database utility allowed me to actually see what had happened when the user complained that image attachments were broken.

    Perhaps we could get a check for objects like these at the time of post submission? Or even something that would tell the user right when they drag an image into a post that they should use the image upload feature instead.
  2. Mike

    Mike XenForo Developer Staff Member

    By default, the character limit will prevent this from going through.

    Unfortunately, it's very unlikely that we can prevent that, as it's likely a very low level browser behavior.
  3. Jesepi

    Jesepi Well-Known Member

    What about a check for part of the text string
    or would that get a bunch of false positives?
  4. ragtek

    ragtek Guest

    Darkimmortal likes this.
  5. Jeremy

    Jeremy Well-Known Member

    This is redundant with 1.2's Redactor editor (allows attaching images by drag & drop).

Share This Page