What do I need to know to develop an app that is relatively safe from common
security issues like SQL injection, XSS, etc.?
Did I read somewhere that getRequest()->getParam('something') will be
filtered by default?
BTW, if something is filtered/escaped for SQL, I need to unescape it for
display, right? Is that handled by ZF by default already?
When I output in HTML, how do I "escape" to reduce the risk
of XSS?
What happens if I need to output HTML? Do I need to disable this behavior?
--
View this message in context:
http://www.nabble.com/Security---Preventing-SQL-Injections%2C-XSS-etc-tp23900449p23900449.html
Sent from the Zend Framework mailing list archive at Nabble.com.