发表新帖
发表新帖

What are the best practices for avoiding xss attacks in a PHP site

前端 未结
关注
20 2376
佛祖请我去吃肉
佛祖请我去吃肉 2020-11-22 02:34

I have PHP configured so that magic quotes are on and register globals are off.

I do my best to always call htmlentities() for anything I am outputing that is derive

20条回答
  • 北荒
    北荒 (楼主)
    2020-11-22 03:24

    rikh Writes:

    I do my best to always call htmlentities() for anything I am outputing that is derived from user input.

    See Joel's essay on Making Code Look Wrong for help with this

    0 讨论(0)
 看不清?
提交回复
热议问题