On Fri, Mar 26, 2004 at 11:52:41AM -0500, Geoff Howard wrote: > Tony Collen wrote: > >Hmm, it's been too long since I've been diving into internals... would > >it be possible to have to configure the PreparedVariableResolver in > >cocoon.xconf, which would allow us to choose between nestable and > >un-nestable resolvers? Or is this too much configurability? :) > > Unless there is an imaginable time where a user who does not want to have > neted behavior happen has to use such a form in their sitemap (which I > can't imagine currently) then I see no need for the configuration.
You mean like to prevent injection attacks like SQL handles via prepared statements and parameters? --Tim Larson
