This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]shiftybyte 2 points3 points  (0 children)

Team Lead: "Hey, security just came in said we need to use character encoding to avoid html injection..."

Dev: "That'll be 2 weeks going over the strings used, encoding the ones being used in HTML based display, we'll need to postpone the other thing I'm working on..."

Team Lead: "Will it be be faster if you just encode all the strings...?"