The problem with input filtering is that you can only filter for one output scenario. What if the the input is going to be output in a wiki like environment, or to pdf, or whatever? Then you have to unescape the data again, and maybe apply filtering/escaping for those environments. You only know how to escape data when you are going to output it, so then is the the best moment to escape it. -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html