Or use the freaky freaky sandbox: http://code.whytheluckystiff.net/sandbox/.
- Nathan

Mislav Marohnić wrote:
> On 10/3/07, *Jeff Casimir* <[EMAIL PROTECTED]> wrote:
>
>     Such as...
>
>     %h1 Innocently Printing...
>     %p
>       HAML is Great...and now for destruction!
>       = "KaBLAM!" if User.find(:all).each{|u| u.destroy}
>
> And even if you don't use Rails, users can -- through Ruby code --
> gain access to your system.
>
> If you allow users to edit and store Haml templates on your site,
> always use suppress_eval when rendering those templates.
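An added example, not part of the original thread or of Haml itself: a small Ruby audit helper that lists the lines of a stored template that Haml would evaluate as Ruby, for reviewing user-edited templates alongside rendering them with suppress_eval. The names `EVAL_PATTERNS` and `evaluated_lines` and the pattern list are assumptions covering the common script markers only; the first sample is the template quoted above and the second is constructed.

```ruby
# Added example: list the lines of a Haml template that Haml evaluates as Ruby.
# EVAL_PATTERNS and evaluated_lines are hypothetical names, not part of Haml.
# This is a review aid; it does not replace rendering with suppress_eval.
EVAL_PATTERNS = {
  script:         /\A\s*(?:[=~]|!=|&=)/,                          # = expr, ~ expr, != expr
  silent_script:  /\A\s*-(?!#)/,                                   # - code (not the -# comment)
  tag_script:     /\A\s*[%.#][\w:-][\w:.#-]*[<>]*(?:[=~]|!=|&=)/, # %p= expr
  tag_attributes: /\A\s*[%.#][\w:-][\w:.#-]*[{(\[]/,               # %a{:href => expr}
  code_filter:    /\A\s*:(?:ruby|erb)\b/,                          # :ruby / :erb filter
  interpolation:  /(?<!\\)\#\{/                                    # unescaped interpolation
}.freeze

# Returns [line_number, kind, source_line] for every line that matches a pattern.
def evaluated_lines(template)
  found = template.each_line.with_index(1).map do |line, no|
    kind, = EVAL_PATTERNS.find { |_, re| line =~ re }
    [no, kind, line.strip] if kind
  end
  found.compact
end

# The template quoted in the thread above.
SAMPLE = <<~'HAML'
  %h1 Innocently Printing...
  %p
    HAML is Great...and now for destruction!
    = "KaBLAM!" if User.find(:all).each{|u| u.destroy}
HAML

# Constructed sample covering the other markers and two lookalikes.
OTHER = <<~'HAML'
  %a{:href => url} link
  %p= title
  - items.each do |i|
  -# a Haml comment, never evaluated
  %p Hello #{name}
  \= escaped, plain text
HAML

if __FILE__ == $0
  [SAMPLE, OTHER].each do |tpl|
    evaluated_lines(tpl).each { |no, kind, src| puts "line #{no} (#{kind}): #{src}" }
  end
end
```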
