19 Jun
2002
19 Jun
'02
12:18 p.m.
"FL" == Fredrik Lundh
writes:
FL> combine 1, 2, and 3 with _getframe(), and you have a FL> feature that crackers are going to love... Why? I've added a note that you should never use no-arg .sub() on strings that come from untrusted sources. Are there any other specific security concerns you can identify? -Barry