At Sat, 22 Jun 2002 15:56:12 -0400 (EDT), Sam Tregar wrote: > > This patch allows you to do > > > > HTML::Template->new(default_escape => 'HTML'); > > > > then your TMPL_VARs will always be HTML-escaped unless you explicitly > > specify ESCAPE=0, which will be a handy guard against Cross Site > > Scripting attacks. > > Looks good to me. All it needs now is some documentation. I'll do the > English if you'll do the Japanese.
Surely, will do ;-) -- Tatsuhiko Miyagawa <[EMAIL PROTECTED]> ------------------------------------------------------- Sponsored by: ThinkGeek at http://www.ThinkGeek.com/ _______________________________________________ Html-template-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/html-template-users
