Open eriktm opened 3 years ago
Fields that contains data should have some sort of XSS protection. This would usually be something that removes illegal tags and attributes.
Known fields that use HTML are the description and rules fields in Competition, with more to come.
Competition
Improved protection against XSS attacks
None
Possibly html-sanitizer
Proposed Functionality
Fields that contains data should have some sort of XSS protection. This would usually be something that removes illegal tags and attributes.
Known fields that use HTML are the description and rules fields in
Competition, with more to come.Use Case
Improved protection against XSS attacks
Database Changes
None
External Dependencies
Possibly html-sanitizer