13 Sep
2003
13 Sep
'03
11:15 a.m.
Dylan Reinhardt wrote at 2003-9-10 17:41 -0700:
On Wed, 2003-09-10 at 16:46, Roy Rapoport wrote:
Jamie Heilman wrote: [Zope Security is an oxymoron]
3) Never use DTML.
Why? ... For my money, TAL provides almost no major advantage over DTML except that it breaks before you get into trouble using it for too much logic.
It does automatic HTML quoting on dynamic content (unless you use "structure") and therefore provides more protection against cross scripting attacks. Dieter