Simon Willison’s Weblog

Items tagged opensource in Apr, 2009

Reducing XSS by way of Automatic Context-Aware Escaping in Template Systems. The Google Online Security Blog reminds us that simply HTML-escaping everything isn’t enough—the type of escaping needed depends on the current markup context, for example variables inside JavaScript blocks should be escaped differently. Google’s open source Ctemplate library uses an HTML parser to keep track of the current context and apply the correct escaping function automatically. # 14th April 2009, 9:26 am

Ext Core 3.0 Beta Released. The Ext JavaScript team have just released the core library (similar to jQuery or Prototype) under an MIT license. The rich GUI elements that go on top are still under the GPL. # 5th April 2009, 8:17 pm
