Render objects and the holy grail of autosanitizing

Most security issues come from not correctly sanitized strings. And to be honest: Do you always instantly know which render array items have to be prepared how? Me not.
Did you ever have the pain of hunting a bug that came from a badly constructed render array leading to a WSOD in some totally unrelated core include file?

This session points the way to abolish the root of these issues by moving from render arrays to render objects.

Not the key to a perfect world. But definitely to better security and more coding beauty.

Speaker(s): 
Track: 
Coding and Development
Experience level: 
Intermediate

Comments

Sounds really cool. Please elaborate a bit more on what this actually means:

"This session points the way to abolish the root of these issues by moving from render arrays to render objects."

It would help us immensely with the selection process.