Changes between Initial Version and Version 1 of Ticket #7656, comment 5
- Timestamp:
- 01/17/2018 12:19:54 PM (8 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #7656, comment 5
initial v1 3 3 If there's no way to inject a value into a unit of code at runtime (be that a search form value, or the result of an API request, or data from an RSS feed, etc), then it's safe -- at least from this very specific perspective. 4 4 5 We don't need to harden BuddyPress against developers making poor choices with how they write their code (i.e. making up their own HTML elements ).5 We don't need to harden BuddyPress against developers making poor choices with how they write their code (i.e. making up their own HTML elements, because that's harmless - it just wouldn't work).