Is user content escaped in the php sdk?
I'm worried about malicious users trying to insert javascript or iframes when they are posting. Is there anything in the SDK that escapes content? I looked through the "topics" function and didn't find anything obvious. Thanks!
-
Thanks for the quick reply Scott! Do you mean on GetSatisfaction's side of the internet? If so, then escaping should be done on our server side as well. One scary scenario: if we were to have a DNS poisoning attack that pointed api.getsatisfaction.com to evilbadguy.com, we could be serving untrusted content. Also, if GetSatisfaction's servers were ever compromised, it could mean compromises for hundreds of other websites that depend on your service.
I'd be willing to work on a fix for this.
-
Good point.
As far as I know, the php library trusts that api.getsatisfaction.com is pointing to us and is serving up trusted content.
I could certainly see a way that we could also prevent the attack you describe at a higher (if more complicated) level than simple escaping. For example, while you would be able to prevent crude exploitation, it wouldn't help against the phishers of the world.
Since the API already has the concept of shared secrets (OAuth consumer key & secret) we could easily build a verifiable signature system into the content we serve.
-
Cool idea, but wouldn't SSL solve the API host verification problem?
-
Yeah, but SSL is expensive, either computationally or budget-wise (if you go for the accelerator cards).
Although expensive, one of Sun's new T2 boxes looks absolutely tasty when it comes to crypto acceleration though.
-
I see your point! We have a really sexy load balancer that does our SSL encryption/decryption in hardware. I think it was well worth the money.
Anyways, even if the Satisfaction API was re-architected so I know I'm talking to you guys, I still should escape what I get, just in case. I don't want your potential escaping bug to become mine. I love you guys, but not that much!
I’m paranoid
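
The point the last reply lands on, escaping whatever the API returns before it reaches the page, as an added example that is not part of the thread or of the PHP SDK. The field names (`subject`, `content`, `author`, `url`) and the sample topic are assumptions constructed for illustration.

```php
<?php
// Added example: treat every field returned by the API as untrusted input.
// $topic below is constructed sample data, not a real API response, and the
// field names are hypothetical.

function e(string $value): string
{
    // Encode for an HTML text node or a quoted attribute value.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function safe_url(string $url): string
{
    // Allow only absolute http(s) links; any other scheme becomes "#".
    $scheme = parse_url($url, PHP_URL_SCHEME);
    if (!is_string($scheme) || !in_array(strtolower($scheme), ['http', 'https'], true)) {
        return '#';
    }
    return $url;
}

function render_topic(array $topic): string
{
    // Escape first, then add our own markup (nl2br) on top of the safe text.
    $subject = e((string)($topic['subject'] ?? ''));
    $body    = nl2br(e((string)($topic['content'] ?? '')));
    $author  = e((string)($topic['author'] ?? ''));
    $link    = e(safe_url((string)($topic['url'] ?? '')));

    return "<div class=\"topic\">\n"
        . "  <h3><a href=\"{$link}\" rel=\"nofollow noopener\">{$subject}</a></h3>\n"
        . "  <p>{$body}</p>\n"
        . "  <span class=\"author\">{$author}</span>\n"
        . "</div>\n";
}

// Constructed sample: markup in every field and a non-http link.
$topic = [
    'subject' => 'Login broken <script>alert(1)</script>',
    'content' => "Line one\n<iframe src=\"//example.invalid\"></iframe>",
    'author'  => 'Mallory "M" <m@example.invalid>',
    'url'     => 'javascript:alert(document.cookie)',
];

echo render_topic($topic);
```

Escaping at output time holds regardless of whether the upstream host is verified by SSL or by a signature, which is why it is done on the consuming server as well.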