Thank you all, it works. I just created Phyton wrap for my PHP
functions and use this class as db;
But this is not safe: I tried to parse:
wikicode:
{| border='cde' onclick='alert(123)'
| cell 1.1
| cell 1.2
|-
| cell 2.1
| cell 2.2
|}
mwlib fixed border, but passed `onclick='alert(123)''. I need to parse
user input, and it is wrong to pass javascript.
mwlib fixed border value to integer, it means, that there exists list
of allowable attributes. How to make it safe?
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"mwlib" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/mwlib?hl=en
-~----------~----~----~----~------~----~------~--~---
