mirror of
https://github.com/php/php-src.git
synced 2024-09-21 09:57:23 +00:00
Update TODO: filter extension was added
This commit is contained in:
parent
4bd17132b1
commit
6a6ae2f713
20
TODO-PHP5
20
TODO-PHP5
@ -48,26 +48,6 @@ Responsibility: Shane Caraveo & each sapi module owner
|
||||
Timeframe: ? (but shouldn't be much effort, most modules are probably ok)
|
||||
|
||||
|
||||
Component: Input Filtering
|
||||
- Implement a SAPI input filter hook that will get called
|
||||
just before registering a variable in the
|
||||
treat_data/post_handler hooks. (done)
|
||||
- Make sure this is also done in mbstring (done)
|
||||
- Provide access functions, or perhaps a new
|
||||
$_RAW_GET/POST/Cookie set of superglobals to get at the
|
||||
unfiltered data
|
||||
- Provide a .ini directive which allows people to set their
|
||||
input filter to one of the built-in strip_tags,
|
||||
htmlspecialchars or whatever other internal function might
|
||||
be useful here.
|
||||
- (The main benefit of this is to make it easier for people
|
||||
to solve the XSS problem once and for all without having
|
||||
to go through every line of their code and adding input
|
||||
validation/filtering everywhere)
|
||||
Responsibility: Rasmus
|
||||
Timeframe: Yesterday
|
||||
|
||||
|
||||
Component: RPC Abstraction Layer
|
||||
Porting java, com, dotnet, xmlrpc, corba, soap and python, srm
|
||||
(are there more ?) to work with the new oo api and preferably
|
||||
|
Loading…
Reference in New Issue
Block a user