That's true, we do control both sides of that transaction. Any ideas why we should have to resort to this??
On Tue, Jul 10, 2012 at 5:38 PM, Greg Allensworth <[email protected]>wrote: > On 7/10/2012 2:35 PM, Joel Leininger wrote: > >> That works. But I'm under the impression that eval() is a bad, bad thing >> from a security standpoint. Is this safe code to use in a production >> environment? >> > > Only if you can trust the programmer who's sending you the WKT. > > In your case, you're the author and it's your database, and you can > probably ensure that the WKT will never contain malicious JavaScript code. > > > -- > Greg Allensworth, Web GIS Developer > BS A+ Network+ Security+ Linux+ Server+ > GreenInfo Network - Information and Mapping in the Public Interest > 564 Market Street, Suite 510 San Francisco CA 94104 > PH: 415-979-0343 x302 FX: 415-979-0371 email: [email protected] > Web: www.GreenInfo.org www.MapsPortal.org > > Subscribe to MapLines, our e-newsletter, at www.GreenInfo.org > > >
_______________________________________________ Users mailing list [email protected] http://lists.osgeo.org/mailman/listinfo/openlayers-users
