On Tue, Mar 8, 2011 at 8:31 AM, Zladivliba Voskuy <[email protected]>wrote:
> Less code means less vulnerabiliites. Hmm.. I would argue that less code means more vulnerabilities. In order to protect a simple application from potential threats code must be added (e.g. filters, validators, escaping mechanisms, etc). As for HtmlPurifier, it is bundled with "more code" that is there specifically for security reasons. -- *Hector Virgen* Sr. Web Developer http://www.virgentech.com
