[FLOW3-general] Security framework for escaping/ encoding output?

Bastian Waidelich bastian at typo3.org
Mon Sep 20 11:55:32 CEST 2010

Previous message: [FLOW3-general] Security framework for escaping/ encoding output?
Next message: [FLOW3-general] Security framework for escaping/ encoding output?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Bastian Waidelich wrote:

> What I could imagine is some kind of ESAPI viewhelper that you could use
> something like this
>
> {name -> f:security.esapiJavaScript()}

Well, probably more like

{name -> f:security.esapi(codec: 'JavaScript')}

which is btw the same as

<f:security.esapi codec="JavaScript">
{name}
</f:security.esapi>

Previous message: [FLOW3-general] Security framework for escaping/ encoding output?
Next message: [FLOW3-general] Security framework for escaping/ encoding output?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the FLOW3-general mailing list