- From: Matt Mullenweg <m@mullenweg.com>
- Date: Mon, 25 Jan 2010 16:56:11 -0800
- To: Shelley Powers <shelley.just@gmail.com>
- CC: "Tab Atkins Jr." <jackalmage@gmail.com>, Ian Hickson <ian@hixie.ch>, "public-html@w3.org WG" <public-html@w3.org>, matt@mullenweg.com
On 2010-01-24 10:04 AM, Shelley Powers wrote: > I've also cc'd Wordpress's Matt Mullenweg, since we're talking about > how vulnerable a CMS such as Wordpress is when it comes to sanitizing > comment content. Perhaps he could provide his view on the matter on > this vulnerability, if he has time. Matt, would you mind giving us > your view on vulnerability of comments in CMS today? We haven't had any HTML-level problems in comments in a while. We use and maintain a library called KSES that we use for all sanitation, and it has served us well. -- Matt Mullenweg http://ma.tt | http://wordpress.org | http://automattic.com
Received on Tuesday, 26 January 2010 00:56:41 UTC