[development] PHP 5 > aggregator.module rewrite to XML API?

Ashraf Amayreh mistknight at gmail.com
Tue Jun 19 20:53:36 UTC 2007


Protecting the user from an XSS or SQL injection attack is one thing,
accepting non-standard compliant feeds is another.

Did you waste the time to read a couple of threads before mine or did you
have this reply tailor made a few days ago? The discussion was on weather to
accept non-standard compliant RSS/RDF/ATOM feeds or not sweety. And a little
on weather to push for PHP 5 or not. So why don't you stick to that for a
change?

On 6/19/07, Morbus Iff <morbus at disobey.com> wrote:
>
> > Ahhh... so by sanitizing you mean accepting non-fully standards
> > compliant feeds? If that's what you mean then definitely not. I totally
>
> No, I don't. I mean protecting the users from some idiot inserting XSS
> or anything else in his RSS items (knowingly or not). Someone in this
> thread said they "trust" (hope?) that the consumer of their module
> "trusts" the RSS feeds they consume. That's uh... foolish.
>
> The rest of your email was entirely ignorable.
>
> --
> Morbus Iff ( keep out of reach of children )
> Technical: http://www.oreillynet.com/pub/au/779
> Culture: http://www.disobey.com/ and http://www.gamegrene.com/
> aim: akaMorbus / skype: morbusiff / icq: 2927491 / jabber.org: morbus
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/development/attachments/20070619/01802d78/attachment.htm 


More information about the development mailing list