iliaa Wed Apr 25 18:22:43 2007 UTC Modified files: (Branch: PHP_5_2) /php-src TODO-PHP5 Log: Update TODO: filter extension was added http://cvs.php.net/viewvc.cgi/php-src/TODO-PHP5?r1=1.3&r2=1.3.6.1&diff_format=u Index: php-src/TODO-PHP5 diff -u php-src/TODO-PHP5:1.3 php-src/TODO-PHP5:1.3.6.1 --- php-src/TODO-PHP5:1.3 Fri May 28 09:06:56 2004 +++ php-src/TODO-PHP5 Wed Apr 25 18:22:43 2007 @@ -48,26 +48,6 @@ Timeframe: ? (but shouldn't be much effort, most modules are probably ok) -Component: Input Filtering - - Implement a SAPI input filter hook that will get called - just before registering a variable in the - treat_data/post_handler hooks. (done) - - Make sure this is also done in mbstring (done) - - Provide access functions, or perhaps a new - $_RAW_GET/POST/Cookie set of superglobals to get at the - unfiltered data - - Provide a .ini directive which allows people to set their - input filter to one of the built-in strip_tags, - htmlspecialchars or whatever other internal function might - be useful here. - - (The main benefit of this is to make it easier for people - to solve the XSS problem once and for all without having - to go through every line of their code and adding input - validation/filtering everywhere) -Responsibility: Rasmus -Timeframe: Yesterday - - Component: RPC Abstraction Layer Porting java, com, dotnet, xmlrpc, corba, soap and python, srm (are there more ?) to work with the new oo api and preferably
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php