On 9/18/10 3:08 AM, Ralf Bitter wrote:
just to clarify:
active record database queries are escaped automatically by revIgniter,
not by the server engine. Obviously the revIgniter user guide is
capable of being misunderstood here. I will change that.
Regarding XSS attacks:
revIgniter comes with a Cross Site Scripting Hack prevention filter
which can either run automatically to filter all POST and COOKIE data
that is encountered, or you can run it on a per item basis.
Cheers
Ralf
where in the framework can i find that code i.e library files... for now
I need to use it outside the revigniter framework (see other memo on
that issue.)
Thanks!
Skts
_______________________________________________
use-revolution mailing list
[email protected]
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
