Status: Closed (alexweissman closed this issue 8 years ago)
Fixed in https://github.com/userfrosting/fortress/commit/4070fbfeccea8a09b867fa8e972e229cc9f8b3aa. I've changed the term "sanitize" to "transform", and now by default no transformations are performed on input data.
There may still be cases where we want to modify user input somehow (though this should still only be done with the consent/notification of the user). So, I think "transformations" is a more reasonable way to frame this.
Currently, the default sanitizer is `purge`, which strips out all HTML characters. This is a bad default value, because actually in most cases, the user's input should not be altered before storage. See: http://security.stackexchange.com/a/42521/74909
For example, the user's input may never be treated as HTML, or it may be a password where HTML characters should be permitted.
In fact, I propose that we drop the "sanitize" functionality altogether and only perform validation with this library, although we should still perform whitelisting of allowed fields.
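The approach the issue proposes, whitelisting and validating fields without altering them and escaping only at the point of output, shown as an added example in plain PHP. This is not Fortress code; the function names and the sample submission are constructed for illustration.

```php
<?php
// Added example, not Fortress code: the lossy "purge" default versus
// whitelist + validate at input and context-specific escaping at output.

// The default the issue argues against: strip anything that looks like a tag.
function purge(string $value): string
{
    return strip_tags($value);
}
// Keep only fields the form may submit; the values themselves stay untouched.
function whitelistFields(array $input, array $allowed): array
{
    return array_intersect_key($input, array_flip($allowed));
}
// Validate without modifying. Returns error messages; an empty array means valid.
function validate(array $data): array
{
    $errors = [];
    if (!preg_match('/^[A-Za-z0-9_]{3,32}$/', $data['user_name'] ?? '')) {
        $errors[] = 'user_name: 3-32 letters, digits or underscores';
    }
    if (strlen($data['password'] ?? '') < 12) {
        $errors[] = 'password: at least 12 characters';
    }
    if (strlen($data['about'] ?? '') > 200) {
        $errors[] = 'about: at most 200 characters';
    }
    return $errors;
}
// Escape only when rendering into HTML; the stored value is the raw input.
function renderHtml(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Constructed submission: a password containing '<' and '>', a bio with
// characters that are special in HTML, and a field the form never offered.
$submitted = [
    'user_name' => 'alice_01',
    'password'  => 'correct<horse>battery',
    'about'     => 'I <3 PHP & security',
    'is_admin'  => '1',
];
// Lossy default: "correctbattery" is stored, a password the user never typed.
var_dump(purge($submitted['password']));
// Whitelist drops is_admin; validation passes; values are stored exactly as typed.
$clean = whitelistFields($submitted, ['user_name', 'password', 'about']);
var_dump(array_keys($clean), validate($clean), $clean['password']);
// Escaping happens where the value meets HTML: "I &lt;3 PHP &amp; security".
var_dump(renderHtml($clean['about']));
```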