On 2/12/06, Nathaniel S. H. Brown <[EMAIL PROTECTED]> wrote:
> As I said before, I (or we, for whoever is in support) can solve the minor
> details, and provide solutions with a little bit of creativity. I am of the
> opinion that if you see points such as the ones you mentioned, you may also
> be able to see how to fix them, if you so desire. I have some suggestions.

Nathaniel, I don't think that this is a solvable problem. What would
you propose the output of link_to and other helpers be? Why can't
malicious users encode their text in such a way?

Given the complexity involved in solving these problems, and the
performance cost of escaping everything (it's considerable), this
isn't something we're going to change.

--
Cheers

Koz
_______________________________________________
Rails-core mailing list
Rails-core@lists.rubyonrails.org
http://lists.rubyonrails.org/mailman/listinfo/rails-core
