Simon Willison’s Weblog

Blogmarks tagged django, autoescaping, rails in Dec

Why the h can’t Rails escape HTML automatically? It would be a pretty huge change, but auto-escaping in Rails 2.0 could close up a lot of accidental XSS holes. # 1st December 2007, 8:34 pm
