Open kissgyorgy opened 1 year ago
The escaping is just rudimentary for now, it escapes HTML properly, but other contexts should also be considered to make it easier to use: https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html
The escaping is just rudimentary for now, it escapes HTML properly, but other contexts should also be considered to make it easier to use: https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html