On Friday, February 18, 2011 06:07:57 am dave b wrote: > On 19 February 2011 00:57, Shawn Milochik <sh...@milochik.com> wrote: > > I also didn't see the part where they state that you shouldn't put your > > database login information in a template. That's probably because Django > > is designed to allow Web developers to do their jobs more easily, not > > allow people who don't know what they're doing make Web applications. If > > you're going to do something really stupid then blame Django in some > > way, then you're probably not competent at the job. > > Um. While it might be obvious to us it might not be so obvious to others. > So this comment, > " If you're going to do something really stupid then blame Django in > some way, then you're probably not competent at the job" shows a lack > of thought for other users given the way the django documentation > found at [0] is presented. > > [0] - > http://docs.djangoproject.com/en/dev/topics/templates/#automatic-html-esca > ping
is this what you're looking for? http://www.owasp.org/index.php/OWASP_Application_Security_FAQ Mike -- "And what will you do when you grow up to be as big as me?" asked the father of his little son. "Diet." -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
