YaleDHLab / nhba

A digital archive of New Haven's architecture
https://nhba.yale.edu

Sanitize User Input #308

Closed spaceraccoon closed 6 years ago

spaceraccoon commented 6 years ago

Is user input currently being sanitized on the server side? @duhaime

duhaime commented 6 years ago

@spaceraccoon No, it's not (only admins can insert input)

spaceraccoon commented 6 years ago

@duhaime Ok, the clients want to modify the standard user to be able to add buildings and only edit their added buildings, so I think sanitizing input will be necessary; considering the sanitize-html package.
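The change discussed in this thread (standard users add buildings and edit only their own, with input sanitized on the server) could be enforced along these lines. This is an added example, not code from the nhba repository; the field names, roles and record shapes are hypothetical, and it HTML-escapes text instead of calling the sanitize-html package so that it runs with no dependencies.

```javascript
// Added example: field names, roles and record shapes are hypothetical.
const EDITABLE_FIELDS = ['name', 'address', 'description']; // assumed schema
const MAX_LEN = 2000;

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Neutralise HTML metacharacters so stored text cannot render as markup.
function escapeHtml(value) {
  return value.replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Keep only allowlisted string fields; anything else the client sends
// (for example its own "creator" or "id") is dropped.
function sanitizeBuildingInput(body) {
  const clean = {};
  for (const field of EDITABLE_FIELDS) {
    const value = (body || {})[field];
    if (typeof value !== 'string') continue; // rejects objects/arrays smuggled in via JSON
    clean[field] = escapeHtml(value.trim().slice(0, MAX_LEN));
  }
  return clean;
}

// Admins may edit anything; standard users only buildings they created.
function canEdit(user, building) {
  if (!user) return false;
  if (user.role === 'admin') return true;
  return building.creator === user.id;
}

// Server-side update: authorise first, then sanitise; never trust the client copy.
function updateBuilding(user, building, body) {
  if (!canEdit(user, building)) return { status: 403, building };
  return { status: 200, building: { ...building, ...sanitizeBuildingInput(body) } };
}

// Constructed sample data.
const existing = { id: 'b1', creator: 'u1', name: 'Old name' };
const payload = { name: '<img src=x onerror=alert(1)>', creator: 'u2', description: { $gt: '' } };
console.log(updateBuilding({ id: 'u1', role: 'user' }, existing, payload));
console.log(updateBuilding({ id: 'u2', role: 'user' }, existing, payload).status);
```

Escaping at write time is only one layer; the page that renders these fields still has to treat them as text, not markup.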