https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618
Martin Renvoize <[email protected]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |martin.renvoize@ptfs-europe.com

--- Comment #212 from Martin Renvoize <[email protected]> ---
The approach here is correct in my opinion. We should treat everything as unsafe and thus escape it by default unless we've manually checked it and marked as safe. Yes, this will impact performance at first and highlight some especially nasty areas of Koha. We should use those highlights as a hitlist of areas to concentrate on a) checking security and marking as safe when possible and b) refactoring templates to more sparsely use variables when possible.
