Posted almost 3 years ago
tlnt.co/p/oF

For those who think these are the only characters that need to be escaped in HTML.

If I had a dollar for every HTML escaper that only escapes &, <, >, and ", I'd have $0. Because my account would've been pwned via XSS.

You might also like

How to implement a Post-to-Wall Facebook-like using PHP and jQuery
25 years of HyperCard—the missing link to the Web
Mobile Safari iOS5: position:fixed, overflow:scroll, new input type support and more...

Comments

Default_thumb
Marcos Zanona

Very good, thanks a lot!

almost 3 years ago   Like_icon 0 likes  

Talentopoly Newsletter

A once-weekly round-up of the best programming and design posts.

Join 2050+ subscribers

We will never spam or share your email address. Easily unsubscribe

Liked_post_header
Default_speck