By jrandol
via eng.genius.com
Published: Jul 31 2010 / 06:53
Some time ago, Genius Engineering decided to unify the manner in which we encode values that contain user input. We previously depended upon the PHP built-in htmlentities() and some simple wrappers around it for our encoding needs, but this function alone can’t safely sanitize tainted data in all contexts. Furthermore, we didn’t have a unified vision of whether encoding should happen immediately upon receipt of data from the user or when we display that data to the user.
-
The end of multitasking as you know it
-
Apple Has Removed Airfoil Speakers Touch From The iOS App Store
-
Use CodePorting Engine To Convert C# Using Statement To Java Online
-
5 Reasons why decoupled-ness matters to your clients
-
IBM bans employees from using Siri over privacy fears
-
Mobile Data Site Illustrates Power of Consumerized Big Data
Add your comment
