Hi, 2012/4/10 Ángel González <keis...@gmail.com>: > On 09/04/12 21:17, Yasuo Ohgaki wrote: >> Please do not tell me that programmer should >> learn not to, since it's not a protection but education. > Hire a more competent programmer? If he writes such code, > he will be completely unaware of the subtleties of XSS, or how > SQL should be escaped, and his code is probably beyond > "protection". You're better served by rewriting it.
I'm teaching at University on occasion. Do you forget how you have learned languages? > > >> If programmers/administrators could disable embed mode, >> then systems will be protected from vulnerable codes. > How do you enforce that the application you need doesn't rely on it? > > Note: 'education' is also forbidden as you restricted it in the > previous question. :-) > Why do you insist while there is a systematic solution for it? Regards, -- Yasuo Ohgaki -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
