You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -10,7 +10,7 @@ There are certainly complexities which FF does not handle, especially related to
INSTALLATION
-composer require it-all/form-former
or add "it-all/form-former": "^2.0" to composer.json and run composer update
or add "it-all/form-former": "^2.1" to composer.json and run composer update
SECURITY
Since FormFormer is limited to forming forms, rather than receiving, filtering, or validating data, there is little security implemented in the source code (/src). In order to prevent XSS, the htmlentities function (https://www.php.net/htmlentities) is used when outputting html element attribute values (which may contain user input if client code validates input and repopulates for failures) and html element content values (for example <textarea>escaped content</textarea>).
