XSS. Sanitising HTML is an extremely hard problem. The sanitize helper that ships with Rails is completely broken; Jacques Distler provides a better alternative.
Recent articles
- Moltbook is the most interesting place on the internet right now - 30th January 2026
- Adding dynamic features to an aggressively cached website - 28th January 2026
- ChatGPT Containers can now run bash, pip/npm install packages, and download files - 26th January 2026