[Rails] Re: Best Practices: Escaping text on input or output?

Adam Denenberg straightflush at gmail.com
Wed Feb 1 13:43:18 GMT 2006


I think this is something that someone should add to the BestPractices
page on the rails wiki.

http://wiki.rubyonrails.org/rails/pages/RailsBestPractices

adam

On 2/1/06, Alex Young <alex at blackkettle.org> wrote:
> Phillip Hutchings wrote:
> > I think it's always best to explicitly escape, then you know that you've
> > done it.
> +1 to that.  Moreover, if you get used to magic_quotes, you're more
> likely to make the assumption that they apply when you're developing
> something to be deployed where they're actually turned off.  Can be nasty.
>
> --
> Alex
> _______________________________________________
> Rails mailing list
> Rails at lists.rubyonrails.org
> http://lists.rubyonrails.org/mailman/listinfo/rails
>
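
An added example, not part of the thread or of Rails itself: the same template code run on a deployment where a magic_quotes-style input filter is on and on one where it is off, next to a template that escapes explicitly at output. The `magic_quote`, `receive`, `render_trusting` and `render_explicit` helpers and the sample string are hypothetical; `ERB::Util.html_escape` is the standard-library call behind the `h` helper.

```ruby
require "erb"

# Hypothetical stand-in for a magic_quotes-style input filter: it backslash-escapes
# quotes on the way in, whether or not the value is ever headed for SQL.
def magic_quote(value)
  value.gsub(/(['"\\])/) { "\\#{$1}" }
end

# Simulated request handling: the filter only runs where the deployment enables it.
def receive(param, magic_quotes_enabled:)
  magic_quotes_enabled ? magic_quote(param) : param
end

# Template code that assumes the input layer already made the value safe.
def render_trusting(stored)
  "<p>#{stored}</p>"
end

# Template code that escapes explicitly, for the HTML context, at output time.
def render_explicit(stored)
  "<p>#{ERB::Util.html_escape(stored)}</p>"
end

SAMPLE = %q{O'Reilly <b>&</b> "friends"} # constructed input

# Run both templates against both deployments and collect the rendered output.
def demo
  [true, false].map do |enabled|
    stored = receive(SAMPLE, magic_quotes_enabled: enabled)
    { enabled: enabled,
      trusting: render_trusting(stored),
      explicit: render_explicit(stored) }
  end
end

if __FILE__ == $PROGRAM_NAME
  demo.each do |row|
    puts "magic quotes #{row[:enabled] ? 'on ' : 'off'} trusting: #{row[:trusting]}"
    puts "magic quotes #{row[:enabled] ? 'on ' : 'off'} explicit: #{row[:explicit]}"
  end
end
```

The trusting template lets the markup through in both deployments, since quote-escaping on input is the wrong escaping for HTML, and with the filter on it also shows stray backslashes; the explicit template produces inert output either way.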

