|
Stefan Sandberg wrote:
So, if everything you want isn't provided to you, it's not serious anymore?
I wouldn't dare go that far. I understand that both the Lua project and the Kepler project strive for simplicity and small size; that's what I appreciate most about them both. I also realize that I can very easily write my own HTML escape function; I already have.
However, few would dispute that the primary output format of CGI programs is HTML; CGILua acknowledges this by providing other conveniences for rendering HTML, such as Lua Pages. Moreover, most non-trivial web applications must display user input, database records, and other, potentially untrusted, non-HTML sources. Threfore, it seems to me that an HTML escape function would be needed frequently enough to be included in CGILua or some other Kepler package. That's why I was so alarmed to learn that there is no such function in any of the Kepler packages. Perhaps I over-reacted, but I still think an HTML escape function should be included in CGILua.
Matt