[Typo3-dev] typo3 security team
René Fritz
r.fritz at colorcube.de
Thu Sep 25 18:22:05 CEST 2003
> > It might not be bad to have an additional document which describes how to
> > write safe plugins/code or the other way around to show how it is wrong.
> This might be a very difficult project.
> What is safe or unsecure?
I disagree here.
There are a few things you can do to make code more safe. For example output
non-HTML content with htmlspecialchars() which is first of all a good thing
to do anyways and second it deactivates javascript which shouldn't be there.
That document can describe some problems which occurs more often in web
applications and how to deal with them.
René
--
COLORCUBE
digital media lab
www.colorcube.de
More information about the TYPO3-dev
mailing list