Jacob Kaplan-Moss

Activity tagged “xss”

Bookmarks

The Fishbowl: Why is XSS so common?

This is a pretty strong argument that Django should do default template escaping. Guess I'm starting to change my mind.

(for:holovaty, security, xss)

Entries

FAQ: Untrusted users and HTML

There’s only one perfectly safe way to allow untrusted users to enter raw HTML. You’re not going to like it.

(html, security, xss)