![]() ![]() The problem with this design choice is that it is not “safe by default”, which is always the wrong choice for a framework or API. Don’t HTML encode data that’s stored in your database! Take the good advice of Damien Guard and Joel Spolsky! You can choose to store both representations, but don’t store just the HTML go with the raw data at the highest level of precision.Ī brief political rant about the evil of view engines that fail to HTML encode by default. ![]() I admit, finally, that Joel was right about something. It’s not bad, but we wonder if anyone listening has a better idea? We’re struggling with naming the hosted Stack Overflow that Fog Creek is working on. I say in this era of cheap 8 GB RAM and quad core CPUs, why not?Īs always, Naming Is Hard. Joel wonders if doing his Visual Studio development in a virtual machine is a viable solution. This is the 58th episode of the StackOverflow podcast where Joel and Jeff discuss HTML encoding, designing “safe by default”, whether a question can be too simple, and the art of beta testing. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |