On Jun 23, 9:22 pm, majna <majna...@gmail.com> wrote: > - enable "code and context" only for dev host (127.0.0.1)
Great idea, until you realise that most large development houses have separate dev hosts. Even for my personal projects at home I have a separate dev host. It is simple, production sites should not be running in debug mode. In the case of CakePHP systems it is as simple as setting debug = 0, for standard php systems you wouldn't set error_reporting to 0. It should not be the responsibility of the CakePHP core team, or any members of the community to ensure that the developer makes their application secure. The responsibility for coding secure sites lies solely on the shoulders of the developer(s) coding that site. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php