Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:71968
Return-Path: <yohgaki@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 19615 invoked from network); 2 Feb 2014 03:10:28 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 2 Feb 2014 03:10:28 -0000
Authentication-Results: pb1.pair.com header.from=yohgaki@gmail.com; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=yohgaki@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.215.54 as permitted sender)
X-PHP-List-Original-Sender: yohgaki@gmail.com
X-Host-Fingerprint: 209.85.215.54 mail-la0-f54.google.com  
Received: from [209.85.215.54] ([209.85.215.54:62143] helo=mail-la0-f54.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 3B/30-30967-227BDE25 for <internals@lists.php.net>; Sat, 01 Feb 2014 22:10:27 -0500
Received: by mail-la0-f54.google.com with SMTP id y1so4629183lam.27
        for <internals@lists.php.net>; Sat, 01 Feb 2014 19:10:24 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:sender:from:date:message-id:subject:to:content-type;
        bh=sPbVauuWB6n+jn2IQroCIRb3VUTdVkMFYesVHms4Cso=;
        b=xcMF4GOqY/TRWD9vI8ScTiJ4MNhAVNRVA1FBar5grdziMCY08d/uFlCIdrBvrgO2el
         3fx1iPzWwZkuy8mKJBLcQ6lFphj33RITDgmxtT862lpwtauGdlSn4NBtP5kpH/2Znmga
         tyhwZaBLho/4IVu+25Yalt1pQyrS6S6Ej/kHi4gRzGgZDT7avg6+9BNzj1yU+NvJfx3+
         ZxbKXXjc0HJAFxU0s8xwjVAmF13brNE72mxDG1wMOR23xmHSD43TcJ6Lw7/rigjkYXAy
         8g6VZHJ30BSCv06NswpqwylC44OJJ5Vu48glY+Y6lWHpT6/CTweHv5FdiP5DAzgllkP/
         f7ig==
X-Received: by 10.153.8.225 with SMTP id dn1mr8132803lad.17.1391310623983;
 Sat, 01 Feb 2014 19:10:23 -0800 (PST)
MIME-Version: 1.0
Sender: yohgaki@gmail.com
Received: by 10.112.199.37 with HTTP; Sat, 1 Feb 2014 19:09:43 -0800 (PST)
Date: Sun, 2 Feb 2014 12:09:43 +0900
X-Google-Sender-Auth: cu-7m2NJP-5nPBFjcKVraJSvj-U
Message-ID: <CAGa2bXbFk3+ScywpkeGcFUcmVvxLRHeWrdObvOshx6NjuB2YHw@mail.gmail.com>
To: "internals@lists.php.net" <internals@lists.php.net>
Content-Type: multipart/alternative; boundary=001a1136dfc683cd6204f163bf47
Subject: [RFC] Improve HTML escape
From: yohgaki@ohgaki.net (Yasuo Ohgaki)

--001a1136dfc683cd6204f163bf47
Content-Type: text/plain; charset=UTF-8

Hi all,

This is a little improvement for HTML escape.
https://wiki.php.net/rfc/secure-html-escape

"/" escape is recommended by OWASP and we may follow them.

Any comments?

Regards,

--
Yasuo Ohgaki
yohgaki@ohgaki.net

--001a1136dfc683cd6204f163bf47--