PHP - security etc
msergeant at messagelabs.com
Thu Mar 8 03:12:56 GMT 2007
On 7-Mar-07, at 4:22 PM, Paul Makepeace wrote:
> This didn't work nearly as well in practice as it appeared from
> reading the tin. Have you actually used it in anger or is this a copy
> & paste solution from another thread? The conclusion I got from
> reading between lines on catalyst, templates, and london.pm is that
> Perl just doesn't have decent HTML+template+escaping yet either.
I assume you by "+template" you mean Template Toolkit. Otherwise, you
just haven't used the right tools yet. AxKit for example mitigates
all XSS attacks - there's almost no way to create a web site
vulnerable to XSS attacks with it.
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
More information about the london.pm