Sam Varshavchik wrote:
Alessandro Vesely writes:
E.g. checking &xxx entities terminate with `;'?
But there's no _hot_ security concern, is there?
Just being proactive here -- in case MSIE, or something else --
misparses it in a way that could be exploited:
&foo<script>...
Thank you so much for those clarification, Sam.
All those threats sometimes bewilder me...
-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
_______________________________________________
courier-users mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
