Michael B Allen wrote:
Can someone recommend a general method for avoiding / eliminating XSS vulnerbilities with PHP?
Yeah, escape output. It's really that simple.Curt Zirzow made a nice post related to this topic yesterday., and here's a simple example:
http://phpsecurity.org/code/ch01-4 Hope that helps! Chris -- Chris Shiflett Brain Bulb, The PHP Consultancy http://brainbulb.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
