Bèr Kessels wrote:
Hi there,
For my helpers module I am trying to be ACAP (as consistent as possible). And some things I have (not yet) decided on, but which IMO could be very useful for the coding guidelines and core:
* I filter ONLY in the theme function. That way you can be assured that theme functions get the raw data. Having ONE place, and one way where/how we filter makes it easier to look for sec. issues. 'My rule' is: As soon as we make an HTML string from something, we filter it. Anything that gets HTML programmatically is therefore filtered.
I think this is a pretty bad idea. This way every themer has a chance to remove our XSS checks.
* t(): on the same level. Only in the theme level do we output t()ed strings. This makes it a lot simpler, because you know that functions and methods pass the original strings along, and that they are only translated in the VERY END. This should also make testing against strings a lot easier. I even found a critical sec. issue that opened the "access control open to the world" because I translated two strings similarly.
I am not too thrilled about that either. Themers might decide to change strings and then we would need theme dependent translations.
Cheers,
Gerhard
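To make the trade-off in this exchange concrete, here is an added example (not code from the thread or from Drupal itself): a simplified theme dispatcher in which a theme-level override replaces the module's theme function, showing how escaping that lives only inside the theme function can be lost, while escaping done before the theme layer survives an override. check_plain() mirrors Drupal's helper of that name; theme_dispatch() and the username functions are hypothetical.

```php
<?php
// Added illustration, not code from the thread or from Drupal itself.
// It models the two escaping strategies under discussion with a simplified
// theme dispatcher; check_plain() mirrors Drupal's helper, the rest is hypothetical.

function check_plain($text) {
  return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
}

// Simplified stand-in for Drupal's theme(): a theme-level override
// (here: phptemplate_<hook>) wins over the module's default theme_<hook>.
function theme_dispatch($hook, $data) {
  $override = 'phptemplate_' . $hook;
  $default  = 'theme_' . $hook;
  return function_exists($override) ? $override($data) : $default($data);
}

// Strategy A (filter only in the theme function): the module's default is safe...
function theme_username_a($name) {
  return '<span class="username">' . check_plain($name) . '</span>';
}
// ...but a theme override that treats $name as plain text silently
// discards the only XSS check on the path.
function phptemplate_username_a($name) {
  return '<span class="username">' . $name . '</span>';
}

// Strategy B (filter before the theme layer): the module escapes once and
// hands the theme function an already-safe string, so no override can
// reintroduce the raw input. The cost is that themers must not escape again,
// or legitimate '&' and '<' in data get double-encoded.
function format_username_b($name) {
  return theme_dispatch('username_b', check_plain($name));
}
function theme_username_b($safe_name) {
  return '<span class="username">' . $safe_name . '</span>';
}
function phptemplate_username_b($safe_name) {
  return '<b>' . $safe_name . '</b>';   // themer changes markup; escaping survives
}

// Constructed input that must never reach the browser unescaped.
$input = '<script>alert(1)</script>';
$a = theme_dispatch('username_a', $input);
$b = format_username_b($input);
// Audit check: neither rendered fragment may still contain a raw "<script" tag.
// Strategy A fails this check once the override is active; strategy B passes.
var_dump(strpos($a, '<script') === false);
var_dump(strpos($b, '<script') === false);
```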