Simon Willison’s Weblog

Blogmarks tagged xss in Dec, 2007

Filters: Type: blogmark × Year: 2007 × Month: Dec × xss ×


Why the h can’t Rails escape HTML automatically? It would be a pretty huge change, but auto-escaping in Rails 2.0 could close up a lot of accidental XSS holes. # 1st December 2007, 8:34 pm

Types

Years

Months

Tags