On 4/27/07, Patrick R. Michaud <[EMAIL PROTECTED]> wrote: > FWIW, PmWiki provides the PQA() function, which analyzes HTML > attributes to make sure they are properly quoted (for XHTML), > and to suppress any onclick/onfocus/onblur/etc. attributes that > might be used for XSS attacks.
Always happy to build on your work Pm! Can I run this on the final output before it is returned? Or should it just be run on the attributes part of the tag as you seem to have done in your tables? Cheers, Dan PS. Your suggestions got the pattern working. Thanks to you and Hans both! _______________________________________________ pmwiki-devel mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-devel
