Custom Header Image Thesis Theme - …
@thinsoldier – you asked “yes or no”. No.
Most people would use sections a lot; to wrap up areas of code to disambiguate where sections start and end; to surround areas demarcated with headings inside articles that were to be syndicated, so that the sites that import that content can apply CSS that works for the importing sites’ outline and so the outlining algorithm works correctly.
How to have a Custom Container's text in the Header
Although I wholeheartedly agree with better accessibility constructs, I seriously doubt that things like section etc. will do the job. First of all, it will only work if everybody uses it correctly, and seeing as how ambiguous these new elements are…
Secondly, I have a blind friend who on occasion tests my sites. At one point he told me to stop trying too hard. His view on the matter is this: Radio, spoken books, tv, etc. don’t use elements either. The best way to solve accessibility issues on websites for the blind is by having the site read by a real person. As long as that doesn’t cut is use headings correctly and make the rest of the text as “flat” as possible.
Now obviously part of this is a personal preference, but it does show that perhaps we are forcing accessibility in a direction it should be taken.
Should we use an empty element on our code just to say that, in the outline all goes well?
Should we create a header to our sections, filled in, and then hide it with css?
Adding and using custom user profile fields - Justin …
Allowing user input to control format parameters could enable an attacker to cause exceptions to be thrown or leak information.
Attackers may be able to modify the format string argument, such that an exception is thrown. If this exception is left uncaught, it may crash the application. Alternatively, if sensitive information is used within the unused arguments, attackers may change the format string to reveal this information.
The example code below lets the user specify the decimal points to which it shows the balance. The user can in fact specify anything causing an exception to be thrown which could lead to application failure. Even more critical within this example, if an attacker can specify the user input "2f %3$s %4$.2", the format string would be "The customer: %s %s has the balance %4$.2f %3$s %4$.2". This would then lead to the sensitive accountNo to be included within the resulting string.