Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:33559
Return-Path: <stas@zend.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 33365 invoked by uid 1010); 1 Dec 2007 01:07:31 -0000
Delivered-To: ezmlm-scan-internals@lists.php.net
Delivered-To: ezmlm-internals@lists.php.net
Received: (qmail 33350 invoked from network); 1 Dec 2007 01:07:31 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 1 Dec 2007 01:07:31 -0000
Authentication-Results: pb1.pair.com smtp.mail=stas@zend.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=stas@zend.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain zend.com designates 212.25.124.162 as permitted sender)
X-PHP-List-Original-Sender: stas@zend.com
X-Host-Fingerprint: 212.25.124.162 mail.zend.com Windows 2000 SP4, XP SP1
Received: from [212.25.124.162] ([212.25.124.162:5651] helo=mx1.zend.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id F8/FE-39456-1D3B0574 for <internals@lists.php.net>; Fri, 30 Nov 2007 20:07:31 -0500
Received: from us-ex1.zend.com ([192.168.16.5]) by mx1.zend.com with Microsoft SMTPSVC(6.0.3790.3959);
	 Sat, 1 Dec 2007 03:07:26 +0200
Received: from [192.168.16.91] ([192.168.16.91]) by us-ex1.zend.com with Microsoft SMTPSVC(6.0.3790.1830);
	 Fri, 30 Nov 2007 17:07:22 -0800
Message-ID: <4750B3CA.20405@zend.com>
Date: Fri, 30 Nov 2007 17:07:22 -0800
Organization: Zend Technologies
User-Agent: Thunderbird 2.0.0.9 (Windows/20071031)
MIME-Version: 1.0
To: Sara Golemon <pollita@php.net>
CC: omar@php.net, PHP Internals <internals@lists.php.net>
References: <474F0EE7.8020201@php.net> <474F4E47.8050506@zend.com> <474F5E12.1050404@php.net> <474F5F75.3030808@zend.com> <475081DD.90404@php.net>
In-Reply-To: <475081DD.90404@php.net>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 01 Dec 2007 01:07:22.0991 (UTC) FILETIME=[8777F7F0:01C833B6]
Subject: Re: [PHP-DEV] Proposed feature for json_encode()
From: stas@zend.com (Stanislav Malyshev)

> I can't because I don't know of any successful vectors *currently*.  I 
> also would have sworn that echoing htmlentified data was safe....until I 
> came across a browser where it wasn't.

So that's what I wanted to understand, because if we add this feature, 
we should give some explanation on when to use it and what it does, and 
I don't think I understand that, so I guess it would help to have such 
explanation.
-- 
Stanislav Malyshev, Zend Software Architect
stas@zend.com   http://www.zend.com/
(408)253-8829   MSN: stas@zend.com