Posted by Chris Shiflett on 11/12/05 05:01

Chris Shiflett wrote:
> However, most security issues like XSS and SQL injection aren't
> really input filtering problems. Often, input filtering can
> effectively eliminate these vulnerabilities (and there's no
> excuse to not be filtering input), but escaping addresses the
> root cause of the problem.

I decided to blog about this in more detail:

http://shiflett.org/archive/168

Chris

--
Chris Shiflett
Brain Bulb, The PHP Consultancy
http://brainbulb.com/

[Back to original message]