[ZPT] Re: [Zope] prevent quoting in tal:attributes
Chris Withers
chrisw at nipltd.com
Tue Oct 7 07:45:15 EDT 2003
Jamie Heilman wrote:
> ...and therein lies the rub. Uncertainty in the face of security is
> reason enough to unconditionally quote attribute values in my mind.
In an end user app definitely.
As a default, probably.
As the only option in an application development environment, huh?!
As a programmer I don't want the environment to limit what I can and can't do.
However, it would be good if it made it less likely for me to do the wrong thing
by default.
I DO NOT want to have everthing quoted with no choice in the matter ;-)
Chris
More information about the ZPT
mailing list