franklindyer / agora-app

Simple and (hopefully) secure social media application. Also a project for spring 2024 CS 444 cybersecurity class at UNM.

XSS vulnerability in user posts #72

Closed franklindyer closed 5 months ago

franklindyer commented 5 months ago

Python's markdown.markdown will not clean <script> elements from users' posts. Maybe we can use something like the bleach package to remediate this.
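The remediation proposed above, as an added example (not part of the original issue and not the project's own code): render the post with `markdown.markdown`, then pass the resulting HTML through `bleach.clean` with an explicit allow-list. The function names, the allow-list contents and the sample post are assumptions made for illustration.

```python
import bleach
import markdown

# Assumed allow-list: only the elements ordinary Markdown formatting produces.
ALLOWED_TAGS = {
    "p", "br", "hr", "em", "strong", "code", "pre", "blockquote",
    "ul", "ol", "li", "a", "h1", "h2", "h3", "h4", "h5", "h6",
}
# Attributes are allow-listed per tag; anything else is dropped.
ALLOWED_ATTRIBUTES = {"a": ["href", "title"]}
# URL schemes permitted in href values.
ALLOWED_PROTOCOLS = {"http", "https", "mailto"}


def render_post_unsanitized(text: str) -> str:
    """Behaviour described in the issue: raw HTML in the post passes through."""
    return markdown.markdown(text)


def render_post(text: str) -> str:
    """Render Markdown, then sanitize the *output* HTML against the allow-list."""
    html = markdown.markdown(text)
    return bleach.clean(
        html,
        tags=ALLOWED_TAGS,
        attributes=ALLOWED_ATTRIBUTES,
        protocols=ALLOWED_PROTOCOLS,
        strip=True,  # remove disallowed tags rather than escaping them
    )


# Constructed sample post: normal formatting, a raw <script> element, a link.
SAMPLE_POST = (
    "Hello **world**\n\n"
    "<script>alert(1)</script>\n\n"
    "[docs](https://example.com)"
)

if __name__ == "__main__":
    print("unsanitized:\n" + render_post_unsanitized(SAMPLE_POST))
    print("sanitized:\n" + render_post(SAMPLE_POST))
```

Sanitizing after rendering matters: cleaning the Markdown source first would miss HTML that the renderer itself produces from Markdown syntax. The sanitized string should still be emitted without a second round of escaping in the template, and only from this function.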