[TYPO3-core] RFC: Add external RemoveXSS library to TYPO3
Thorsten Kahler
thorsten.kahler at dkd.de
Sat Sep 22 17:55:30 CEST 2007
Hi all,
I didn't take notice of that lib before so I can't say anything about it's
quality and reliability. In general I'd vote for including tested and
approved external libraries for security purposes.
When taking a first look at the patch I came across the notice "Used with
permission by the author.". So the licence question came to my mind. How is
the code licensed? And do we have the authors permission to include it in TYPo3?
Best regards to all of you who enjoy their time in Karlsruhe,
Thorsten
Michael Stucki wrote on 22.09.2007 17:37:
> Hi guys,
>
> Lars Houmark asked me on behalf of the security team if we could add this
> function to TYPO3.
>
> It's about removing XSS code from any input string. It seems to work very
> well, therefore we should start using it as soon as it's committed.
>
> Branches: Trunk only
>
> - michael
>
--
Thorsten Kahler
. . . . . . . . . . . .
Je TYPO3, desto d.k.d
d.k.d Internet Service GmbH
Kaiserstr. 79
D - 60329 Frankfurt / Main
Registergericht: Amtsgericht Frankfurt am Main
Registernummer: HRB 45590
Geschäftsführer: Olivier Dobberkau, Götz Wegenast.
fon: +49 (0)69 43 05 61 - 70
fax: +49 (0)69 43 05 61 - 90
mail: thorsten.kahler at dkd.de
home: http://www.dkd.de
Aktuelle TYPO3-Projekte:
www.deutsche-bildung.de Relaunch
www.metz.de Relaunch
www.provadis.de barrierefrei, Relaunch
More information about the TYPO3-team-core
mailing list