[EMAIL PROTECTED] wrote: > not true. no browser interprets a single "<" as a tag unless it has a > valid tag name (and company) and closing ">" directly after it. only the > most rudimentary implementations would blindly strip "<"s without looking > at their context.
So, how exactly would you validate the input without forbidding anything? Michael --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-developers -~----------~----~----~----~------~----~------~--~---