CMS Architecture - Security

  • DB Abstraction protects against SQL injection
  • XSS is protected against as part of the translation and theme layer
  • FormAPI - XSRF protection via hidden form elements carrying a session+salt hash
  • FormAPI - Prevents submission of nonexistent radio/select options
  • Generally, "I love finding custom CMS because I know I can break into it. If I see Drupal and it's up to date I just give up." - paraphrase of Rasmus Lerdorf
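
The two FormAPI checks above, sketched as an added example (not Drupal's own code or API): a hidden token bound to the session, and rejection of radio/select values that the server never offered. The function names, the `SITE_PRIVATE_KEY` salt and the use of HMAC-SHA256 as the "session+salt hash" are assumptions made for illustration.

```php
<?php
// Added illustration; names below are hypothetical, not Drupal's FormAPI.
const SITE_PRIVATE_KEY = 'constructed-example-key'; // assumption: per-site secret salt

// Token bound to the visitor's session and to one specific form.
function form_token(string $sessionId, string $formId): string {
    return hash_hmac('sha256', $sessionId . ':' . $formId, SITE_PRIVATE_KEY);
}

// The token travels in a hidden form element rendered with the form.
function render_hidden_token(string $sessionId, string $formId): string {
    $token = htmlspecialchars(form_token($sessionId, $formId), ENT_QUOTES);
    return '<input type="hidden" name="form_token" value="' . $token . '">';
}

// Returns a list of validation errors; an empty list means the submission is accepted.
function validate_submission(array $form, array $post, string $sessionId): array {
    $sent = $post['form_token'] ?? '';
    // Constant-time comparison; a cross-site request cannot know the session-bound token.
    if (!is_string($sent) || !hash_equals(form_token($sessionId, $form['id']), $sent)) {
        return ['Invalid form token.'];
    }
    $errors = [];
    foreach ($form['fields'] as $name => $field) {
        if (!in_array($field['type'], ['radios', 'select'], true) || !isset($post[$name])) {
            continue;
        }
        // Only option keys present in the server-side form definition are legal.
        $value = $post[$name];
        if (!is_string($value) || !array_key_exists($value, $field['options'])) {
            $errors[] = "Illegal choice submitted for field '$name'.";
        }
    }
    return $errors;
}

// Constructed sample form definition and requests.
$form = ['id' => 'user_role_form', 'fields' => [
    'role' => ['type' => 'radios', 'options' => ['member' => 'Member', 'editor' => 'Editor']],
]];
$sid = 'constructed-session-id';
$requests = [
    'valid'           => ['form_token' => form_token($sid, $form['id']), 'role' => 'editor'],
    'tampered option' => ['form_token' => form_token($sid, $form['id']), 'role' => 'administrator'],
    'missing token'   => ['role' => 'editor'],
];
foreach ($requests as $label => $post) {
    echo $label, ': ', json_encode(validate_submission($form, $post, $sid)), "\n";
}
```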
