[convertchars] on potential malicious input even in a link?
This WebDNA talk-list message is from 2000
It keeps the original formatting.
numero = 27415
interpreted = N
texte = remember the recommendation to use [convertchars] to change < to someone else whendisplaying user input in the HTMl to prevent possible malicious doings...?Do we need to wrap displayed db content that has originated from an unknown user if it's ina hypertext link?Will