dandelion / dandelion-datatables

Dandelion component for DataTables
http://dandelion.github.io/components/datatables/
Other
110 stars 49 forks source link

Escape XML to prevent XSS attacks #226

Closed tduchateau closed 10 years ago

tduchateau commented 10 years ago

Issue by tduchateau from Tuesday Dec 17, 2013 at 12:48 GMT


All attributes whose value is to be used for display must be escaped.

The escaping will occur by default and should be deactivatable.