[nycphp-talk] More confused now then before by PHP security!
cliff
cliff at pinestream.com
Sun Jan 22 17:24:16 EST 2006
While we are on the subject of escaping output, here's one that has me
somewhat confused.
Should I be escaping output for emails? And if so, with what?
On the one hand, an email msg. could end up in a browser-based client. But
on the other, it should be the responsibility of the email client program to
escape output, whether it's browser-based or a client-side application --
right?
More information about the talk
mailing list