Re: [htmltmpl] Suggestion on how to eliminate Cross-site-scripting (XSS) bugs for good.
Brought to you by:
samtregar
Menu
▾
▴
Re: [htmltmpl] Suggestion on how to eliminate Cross-site-scripting (XSS) bugs for good.
|
From: Michael P. <mp...@pl...> - 2006-10-17 13:55:08
|
Alex Kapranoff wrote: > ESCAPE="0" works for now. Well, there you go, I didn't even know you could do that. Shlomi, I think using default_escape and escpe=0 for the exceptions is a much cleaner way to go. -- Michael Peters Developer Plus Three, LP |
