[keyword] security

Drupal 7: functions related to security

Some key points adapted from Handle text in a secure fashion:

NB: the form elements #description and #title require you to sanitise any user-supplied substitution text using @user_supplied or %user_supplied (not !user_supplied).

NB: block descriptions (but NOT TITLES) are automatically sanitised.

WS-Security

Subscribe to RSS - security