Central place for output sanitizing (was Re: [development] more consistency in theme functions and output concepts.)

Khalid B kb at 2bits.com
Thu May 11 17:38:44 UTC 2006


On 5/11/06, Bèr Kessels <ber at webschuur.com> wrote:
> I think we should aks the people working on the new output system what they
> thnk, or plan.
>
> Op donderdag 11 mei 2006 14:28, schreef Dries Buytaert:
> > > > I think this is a pretty bad idea. This way every themer has a chance
> > > > to remove our XSS checks.
> > >
> > > Sounds fair.
> > >
> > > However, we now do *not* have a central place. Quite some of our
> > > checks/filters DO appear in theme functions!
> >
> > Having a central place sounds like a particularly good idea, IMO.  I
> > usually don't use contributed module because they are prone to
> > security issues.  If all the escaping was (forced to be) done in a
> > central place, it would be ten times easier to audit the code (before
> > installing it).  Whether this is feasible in the theme layer, I don't
> > know.  I do know, however, that I like the idea.
>
> Bottomline: We could do better, security-wise, if we have either agreements on
> where sanitzing should happen, or if we have such a layer built into Drupal
> itself.
>
> I recall some people working on a new concept for outputting "stuff". Building
> on top of Fapi. Using concepts from fapi.
>
> Is this part of your plans? Or should we look for a solution that is not in
> that layer?

Is this related to the classic debate of whether filtering should happen by
default for everything or not?

(Karoly and Steven: any comments?)


More information about the development mailing list