lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Le 20 févr. 08 à 22:16, Petite Abeille a écrit :

On Feb 20, 2008, at 9:58 PM, Bertrand Mansion wrote:

This would indeed solve one part of the problem. Another cleaner solution consists in escaping special html characters (also in links urls). For example, you should make sure that this markdown: [click here]( ">) is translated to : <a href=";&gt;";>click here</a> and not <a href="";>">click here</a> otherwise, you are prone to XSS attacks and things related.

<p><a href=";";>click here</a> </p>

Is it what you meant?

Yes, you fixed it :)

I am not an expert at these technologies, I just thought Fastcgi+a robust http server would be more efficient if the wiki gets lots of traffic. I don't know how your HTTP server works in this regard, though.

Very much like any HTTP server:

Any of those configurations are possible.

Very interesting, thank you.

Bertrand Mansion
Work :
Blog :