Posted almost 6 years ago

For those who think these are the only characters that need to be escaped in HTML.

If I had a dollar for every HTML escaper that only escapes &, <, >, and ", I'd have $0. Because my account would've been pwned via XSS.

You might also like

How to implement a Post-to-Wall Facebook-like using PHP and jQuery
Semantic zoom (JavaScript and HTML) (Video)
X-Tag: or how to cut your html in half by adding 28 lines of Javascript


Marcos Zanona

Very good, thanks a lot!

almost 6 years ago   Like_icon 0 likes  

Talentopoly Newsletter

A once-weekly round-up of the best programming and design posts.

Join 2050+ subscribers

We will never spam or share your email address. Easily unsubscribe