On 11/22/23 03:10, patricia traore wrote:

Hi All,

I hope that I'm asking in the right place. We have just created a developers discussion public list in our organization with over 47 subscribers. My question is, in case someone shares some php codes in his message, will that code affect the corresponding html page of that message, while browsing the archive of messages publicly from a web browser? Or will pipermail instead display the shared codes as plain text?

The web page created by pipermail encloses the body of the message in a <pre> ... </pre> block and html escapes it so any PHP, html tags, etc. will be displayed as written.

-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan

When someone shares PHP code in a message that is archived with Pipermail, the code should be displayed as plain text rather than affecting the HTML page or executing within the browser. Pipermail typically escapes any code or special characters in messages to prevent them from being interpreted as HTML or scripting by the browser.

In most cases, Pipermail uses basic HTML escaping mechanisms to ensure that any code snippets, whether they are PHP, JavaScript, or HTML, appear as they were written in the message. This keeps the archive secure and ensures that shared code will not run or impact the web page’s functionality when viewed in the archive. Instead, it will render exactly as text, preserving the code structure without posing security risks.

However, if Pipermail or the server configuration does not adequately escape certain characters, there could be a risk of code being interpreted incorrectly. But by default, Pipermail archives are designed to avoid this, and code snippets are displayed as plain text. Tonny Luliba Project Lead, Trophy Developers - Web Designer in Uganda | trophydevelopers.com