Rasmus Lerdorf:
> > I don't think it's unreasonable to require scripts outputting content
> > other than HTML to include a line that modifies the default behaviour.
> > Surely the benefits far outweigh that cost.
>
> That's already there. They set the content-type. The problem becomes
> when they set it vs. when output goes out. It's also very common to
> turn on output buffering and buffer a bunch of stuff and then set the
> content-type just before flushing the buffer.

That practice would be incompatible with taint checks. I suppose having to specify the type first is not a burden for the application, because the application knows what output it is going to produce, before it produces it.

Taint policy is applied to echo (and print, etc.) arguments. It can't be applied to the contents of the output buffer, because that would be prohibitively expensive. One would need to record that byte A came from function B argument C at file D line E, and that byte A had a particular set of taint labels.

Wietse

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
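
The trade-off discussed in this message, as an added Python model that is not code from the thread or from PHP: the taint check runs at the echo sink under whatever content type is set at that moment, and the buffer keeps only text. The `html` label, the `POLICY` table and all class and function names are assumptions made for the illustration.

```python
from dataclasses import dataclass

# Assumed policy: taint labels that must be absent when echoing under each type.
POLICY = {"text/html": {"html"}, "text/plain": set()}

class TaintViolation(Exception):
    pass

@dataclass(frozen=True)
class Tainted:
    text: str
    labels: frozenset  # one small label set per value, not per byte

class Response:
    def __init__(self):
        self.content_type = "text/html"  # default when the script sets nothing
        self.buffer = []                 # (text, type it was checked under)

    def header(self, content_type):
        self.content_type = content_type

    def echo(self, value):
        # The check happens here, at the sink, while the labels are still known.
        if isinstance(value, Tainted):
            bad = value.labels & POLICY[self.content_type]
            if bad:
                raise TaintViolation(f"{sorted(bad)} in {self.content_type}")
            value = value.text
        self.buffer.append((value, self.content_type))  # labels are gone now

    def stale_chunks(self):
        # Chunks whose check used a different type than the one finally sent.
        return [c for c in self.buffer if c[1] != self.content_type]

def type_first(data):
    r = Response()
    r.header("text/plain")
    r.echo(Tainted(data, frozenset({"html"})))
    return r.content_type, r.stale_chunks()

def type_last(data):
    r = Response()
    r.echo(Tainted(data, frozenset({"html"})))  # judged as text/html: raises
    r.header("text/plain")
    return r.content_type, r.stale_chunks()

def type_changed_after_echo(data):
    r = Response()
    r.header("text/plain")
    r.echo(Tainted(data, frozenset({"html"})))  # passes under text/plain
    r.header("text/html")                       # but is sent as HTML
    return r.content_type, r.stale_chunks()
```

Setting the type last makes the sink reject output that would have been acceptable as plain text, and changing it after the echo leaves a chunk in the buffer that was never checked against the type it is sent under.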