IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

IWETHEY Home / IWETHEY Board / Software and Applications Forum / Parameter Escaping is a nono.
Post #339,975
by folkert
Picture of folkert
2/21/11 8:03:28 PM
Reply
New Parameter Escaping is a nono.
We have use about 5 parameters in some mailing lists.

This means they need to be real and not escaped.
Post #339,980
by static
Picture of static
2/21/11 8:37:48 PM
Reply
New That's what I thought.
I found an RFC that ... uh, didn't dispute that. (It doesn't actually say "do not HTML escape" -- but reading it in context and it's clear that HTML escaping is not wanted there.)

Wade.
Q:Is it proper to eat cheeseburgers with your fingers?
A:No, the fingers should be eaten separately.
     HTTP parameters and escaping. - (static) - (2) - Feb. 21, 2011, 07:58:34 PM EST
         Parameter Escaping is a nono. - (folkert) - (1) - Feb. 21, 2011, 08:03:28 PM EST
             That's what I thought. - (static) - Feb. 21, 2011, 08:37:48 PM EST

Give a man a fish, and chances are you won't be asked to be in charge of buying a gift ‘from all of us’ anymore.
39 ms