On Apr 9, 2010, at 8:52 AM, Dru Satori wrote: > [soapRequestXml appendFormat:@"\t\t\t<%@>%@</%@>\n", paramName, paramValue, > paramName];
Minor note: I hope none of your parameter values contain any XML metacharacters like quotes or angle-brackets, or you’re going to at minimum generate invalid XML, and at worst (if the values might come from an untrusted source) open yourself up to XML injection attacks. —Jens_______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
