[Rails] Re: Best Practices: Escaping text on input or output?
Alex Young
alex at blackkettle.org
Wed Feb 1 14:12:55 GMT 2006
Adam Denenberg wrote:
> I think this is something that someone should add to the BestPractices
> page on the rails wiki.
Not sure how relevant that would be, given that it's a PHP tip :-)
--
Alex
>
> http://wiki.rubyonrails.org/rails/pages/RailsBestPractices
>
> adam
>
> On 2/1/06, Alex Young <alex at blackkettle.org> wrote:
>> Phillip Hutchings wrote:
>>> I think it's always best to explicitly escape, then you know that you've
>>> done it.
>> +1 to that. Moreover, if you get used to magic_quotes, you're more
>> likely to make the assumption that they apply when you're developing
>> something to be deployed where they're actually turned off. Can be nasty.
>>
>> --
>> Alex
>> _______________________________________________
>> Rails mailing list
>> Rails at lists.rubyonrails.org
>> http://lists.rubyonrails.org/mailman/listinfo/rails
>>
> _______________________________________________
> Rails mailing list
> Rails at lists.rubyonrails.org
> http://lists.rubyonrails.org/mailman/listinfo/rails
More information about the Rails
mailing list