On 5/11/06, Bèr Kessels <ber@webschuur.com> wrote:
I think we should aks the people working on the new output system what they thnk, or plan.
Op donderdag 11 mei 2006 14:28, schreef Dries Buytaert:
I think this is a pretty bad idea. This way every themer has a chance to remove our XSS checks.
Sounds fair.
However, we now do *not* have a central place. Quite some of our checks/filters DO appear in theme functions!
Having a central place sounds like a particularly good idea, IMO. I usually don't use contributed module because they are prone to security issues. If all the escaping was (forced to be) done in a central place, it would be ten times easier to audit the code (before installing it). Whether this is feasible in the theme layer, I don't know. I do know, however, that I like the idea.
Bottomline: We could do better, security-wise, if we have either agreements on where sanitzing should happen, or if we have such a layer built into Drupal itself.
I recall some people working on a new concept for outputting "stuff". Building on top of Fapi. Using concepts from fapi.
Is this part of your plans? Or should we look for a solution that is not in that layer?
Is this related to the classic debate of whether filtering should happen by default for everything or not? (Karoly and Steven: any comments?)