[TYPO3-core] RFC: #14911: Validation errors in list view: & > &-amp;
Jigal van Hemert
jigal at xs4all.nl
Tue Jun 29 09:55:51 CEST 2010
Georg Ringer wrote:
> v2 fixes CGL too
+1 on reading.
Did a quick search on /&[a-zA-Z]+[-_a-zA-Z0-9]+(?=\[|=)/ in trunk. This
gave 1491 matches in 197 files. There are a lot of false-positives in
the results (inside comments for example), but I estimate that about
half of it are query parameters.
Each case has to be reviewed to see the context and to decide if it is
used as HTML output and not already htmlspecialchars-ed later in the code.
--
Jigal van Hemert
skype:jigal.van.hemert
msn: jigal at xs4all.nl
http://twitter.com/jigalvh
More information about the TYPO3-team-core
mailing list