Hi David,

On Tue, Oct 13, 2009 at 4:37 PM, David Pollak
<feeder.of.the.be...@gmail.com> wrote:
> Why does Lift use XHTML rather than Strings or something else for
> templating?  Because XML is a secure (and fast) representation.  While PHP
> sites have significant cross site scripting problems, Lift apps have none
> (and I've been through half a dozen penetration test with Lift apps and the
> universal evaluation is "this is the most secure web site we've ever
> tested.")
>
Can you elaborate on how XHTML eliminates the XSS potential of
strings? Doesn't an XHTML file have strings in it in between the
markup?

Bill
----
Bill Venners
Artima, Inc.
http://www.artima.com

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Lift" group.
To post to this group, send email to liftweb@googlegroups.com
To unsubscribe from this group, send email to 
liftweb+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/liftweb?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to