• Solutions
    • Uniquid
    • yTourism
  • Services
    • Consulting
    • Web
    • Formation
  • About us
    • Philosophy
    • Join the team
    • Offices
    • Clients
  • Community
    • Blog
    • Projects
    • Contributions
General Linux Python caching databases debugging django djangocon geodjango inauguracion jacobkaplanmoss misscripts opensource orm postgresql projects python security sistemas software yaco
Yaco on Facebook
border image
Join us
Join us
Contribuimos a:
morfeo django
plone merengue
  • xss
  • < go back to channels

Reducing XSS by way of Automatic Context-Aware Escaping in Template Systems

Blog de Simon Willison Posted on April 14, 2009

Reducing XSS by way of Automatic Context-Aware Escaping in Template Systems (via). The Google Online Security Blog reminds us that simply HTML-escaping everything isn’t enough—the type of escaping needed depends on the current markup context, for example variables inside JavaScript blocks should be escaped differently. Google’s open source Ctemplate library uses an HTML parser to keep track ...

ctemplate django escaping google html opensource security xss
external link Read More
  • Solutions
    • Uniquid
    • yTourism
  • Services
    • Consulting
    • Web
    • Formation
  • About us
    • Philosophy
    • Join the team
    • Offices
    • Clients
  • Community
    • Blog
    • Projects
    • Contributions
Facebook twitter Linkedin Youtube Google Plus Blog yaco

+34 954 500 057

Contact us