Protecting the user from an XSS or SQL injection attack is one thing, accepting non-standard compliant feeds is another. <br><br>Did you waste the time to read a couple of threads before mine or did you have this reply tailor made a few days ago? The discussion was on weather to accept non-standard compliant RSS/RDF/ATOM feeds or not sweety. And a little on weather to push for PHP 5 or not. So why don&#39;t you stick to that for a change?
<br><br><div><span class="gmail_quote">On 6/19/07, <b class="gmail_sendername">Morbus Iff</b> &lt;<a href="mailto:morbus@disobey.com">morbus@disobey.com</a>&gt; wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
&gt; Ahhh... so by sanitizing you mean accepting non-fully standards<br>&gt; compliant feeds? If that&#39;s what you mean then definitely not. I totally<br><br>No, I don&#39;t. I mean protecting the users from some idiot inserting XSS
<br>or anything else in his RSS items (knowingly or not). Someone in this<br>thread said they &quot;trust&quot; (hope?) that the consumer of their module<br>&quot;trusts&quot; the RSS feeds they consume. That&#39;s uh... foolish.
<br><br>The rest of your email was entirely ignorable.<br><br>--<br>Morbus Iff ( keep out of reach of children )<br>Technical: <a href="http://www.oreillynet.com/pub/au/779">http://www.oreillynet.com/pub/au/779</a><br>Culture: 
<a href="http://www.disobey.com/">http://www.disobey.com/</a> and <a href="http://www.gamegrene.com/">http://www.gamegrene.com/</a><br>aim: akaMorbus / skype: morbusiff / icq: 2927491 / <a href="http://jabber.org">jabber.org
</a>: morbus<br></blockquote></div><br>