A taint mode doesn't make sense IMHO. I know Perl has it, but it
works in a substantially different way. Where is the point in having
to "unlock" a request parameter before you can access it. Either way,
you know you shouldn't trust user input.
- David
Am 22.03.2006 um 16:26 schrieb Johan Mjönes:
David Zülke skrev:
Use validators or write a custom filter!?
I will still need support in the Request for the tainted data.
Validating every parameter is not nearly as flexible my solution.
/j
--
Johan Mjönes
Senior Developer
Online Gaming Platform
Phone: +46 8 789 12 00
Fax: +46 8 789 12 12
Cell: +46 7 052 838 55
E-mail: [EMAIL PROTECTED]
Internet: www.ongame.com
This e-mail (including attachments) is strictly confidential and
intended solely for designated recipient(s). It contains privileged
and confidential information. If you have received this e-mail in
error, you must not disseminate, copy, distribute or take any
action in reliance on it. Please notify us immediately and delete
this e-mail and any attachments. Thank you.
_______________________________________________
agavi-dev mailing list
[email protected]
http://labworkz.com/cgi-bin/mailman/listinfo/agavi-dev
_______________________________________________
agavi-dev mailing list
[email protected]
http://labworkz.com/cgi-bin/mailman/listinfo/agavi-dev
