On 2004-01-09, Mark Stosberg <[EMAIL PROTECTED]> wrote:
> On 2004-01-09, petersm <[EMAIL PROTECTED]> wrote:
>> Mark Stosberg <[EMAIL PROTECTED]> wrote
>>> That last bug report prodded me to check the CPAN bug system for any
>>> other open CGI::App bugs. I found one that could still use attention.
>>> It suggests approving the dump_html() method to properly HTML-escape
>>> output. Seems reasonable to me.
>>>
>>> Any volunteers to write the code and tests for this?
>>> Full details are here:
>>> http://rt.cpan.org/NoAuth/Bug.html?id=1926
The solution here involved using CGI.pm's escapeHTML function, a
logical choice.
Just as a head's up, this is one more thing we are depending on the CGI
object to provide. So, if someone is using a CGI.pm alternative and
wants to use the dump_html() method, their object will need to supply
this method as well.
If that's perceived to be an issue, we could use an alternate solution.
Personally, I don't mind this additional dependency.
Mark
---------------------------------------------------------------------
Web Archive: http://www.mail-archive.com/[EMAIL PROTECTED]/
http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
