Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:17899
Return-Path: <george@omniti.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 73693 invoked by uid 1010); 12 Aug 2005 18:48:26 -0000
Delivered-To: ezmlm-scan-internals@lists.php.net
Delivered-To: ezmlm-internals@lists.php.net
Received: (qmail 73678 invoked from network); 12 Aug 2005 18:48:26 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 12 Aug 2005 18:48:26 -0000
X-Host-Fingerprint: 66.80.117.3 longsword.omniti.com Linux 2.5 (sometimes 2.4) (4)
Received: from ([66.80.117.3:37286] helo=mail.omniti.com)
	by pb1.pair.com (ecelerity 2.0 beta r(6323M)) with SMTP
	id 77/6B-33075-9FEECF24 for <internals@lists.php.net>; Fri, 12 Aug 2005 14:48:25 -0400
Authentication-Results: mail.omniti.com smtp.user=george; auth=pass (LOGIN)
DomainKey-Status: good
X-DomainKeys: Ecelerity dk_sign implementing draft-delany-domainkeys-base-01
DomainKey-Signature: q=dns; a=rsa-sha1; c=nofws;
	s=test; d=omniti.com;
	h=Received:In-Reply-To:References:Mime-Version:Content-Type:Message-Id:Cc:Content-Transfer-Encoding:From:Subject:Date:To:X-Mailer;
	b=eXTSLnqbaUSth2t2PUiB+GJ3kyoFnMujFMn0kRYEo+REmbll0Kb5b98Y1HbEDCpy
	hnOE165ZCMIxorvLXIt2x+oIulYIz1KdeZ9MEdjpyEcQ/dp3iVykdaHE4D+zt4Dw
Received: from ([66.80.117.2:60474] helo=[10.80.116.150])
	by mail.omniti.com (ecelerity 2.0 r(6416M)) with SMTP
	id 44/00-22649-DEEECF24 for <derick@php.net>; Fri, 12 Aug 2005 14:48:20 -0400
In-Reply-To: <Pine.LNX.4.62.0508122018300.2742@localhost>
References: <42FCE0E4.604@lerdorf.com> <416F97E8-FE59-4297-B983-64E643939E3B@omniti.com> <Pine.LNX.4.62.0508122018300.2742@localhost>
Mime-Version: 1.0 (Apple Message framework v733)
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Message-ID: <CD6C7885-403B-42CE-838A-778E63474BFE@omniti.com>
Cc: George Schlossnagle <george@omniti.com>,
	Rasmus Lerdorf <rasmus@lerdorf.com>,
	internals <internals@lists.php.net>
Content-Transfer-Encoding: 7bit
Date: Fri, 12 Aug 2005 14:48:10 -0400
To: Derick Rethans <derick@php.net>
X-Mailer: Apple Mail (2.733)
Subject: Re: [PHP-DEV] PHP 6.0 Wishlist
From: george@omniti.com (George Schlossnagle)


On Aug 12, 2005, at 2:19 PM, Derick Rethans wrote:

> On Fri, 12 Aug 2005, George Schlossnagle wrote:
>
>
>>> 3. Add input filter extension which will include a mechanism for
>>>    application developers to very easily turn it off which would  
>>> swap
>>>    the raw GPC arrays back in case the site had it turned on by
>>>    default.
>>>
>>
>> That seems a bit scary, and almost  as if it would defeat the  
>> purpose.  I'm
>> all for an input filter extension, but it should be one that can't  
>> be easily
>> neutered by (potentially malicious) applications.
>>
> I wrote up the following spec for this extension:
> http://files.derickrethans.nl/filter_extension.html

Where's the part about an application swapping back for the raw  
arrays (as opposed to accessing them specifically as _RAW_GET or  
whatever)?  Or are you and Rasmus talking about two different proposals?

George