[TYPO3-mvc] viewhelpers: stripHTML & removeXSS - what should be tested?
Helmut Hummel
typo3 at jhpc.de
Sat May 23 12:48:20 CEST 2009
Hi Sebastian,
Am 22.05.2009 17:49 Uhr, schrieb Sebastian Kurfürst:
>
>> Well OK. I did not look at the whole validation stuff yet, but
>> nevertheless I think, that the person who writes the templates should
>> not cope with removeXSS, data should be escaped beforehand.
> Actually this is a feature which entered Fluid (for v5) today, and will
> be backported during the next days. Basically all Object Accessors get
> postprocessed :-)
That's what I meant, great!
Kind regards
Helmut
More information about the TYPO3-project-typo3v4mvc
mailing list