sparcs-kaist / new-ara-api

Restful API for Ara, KAIST's official community service
http://newara.sparcs.org/
MIT License
20 stars, 2 forks

Better XSS Sanitizing #50

Closed apple12347678 closed 4 years ago

apple12347678 commented 5 years ago

Need to iterate over the JSON that tiptap generates and check it for XSS (injection is possible)

apple12347678 commented 5 years ago

43

apple12347678 commented 4 years ago

Told the frontend side that content will be sent as pure HTML - sanitize it using bleach

victory-jooyon commented 4 years ago

Done. https://github.com/sparcs-kaist/new-ara-api/blob/master/ara/sanitizer.py
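The approach the thread settles on (receive raw HTML from the frontend, sanitize it server-side with an allowlist) is shown below as an added example. It is not ara/sanitizer.py and it does not use bleach; it is a standard-library-only allowlist sanitizer written for this page, so it runs without the dependency. The tag and attribute allowlists, the scheme allowlist, and the names `sanitize`/`safe_url` are assumptions made for the example, not the project's. Besides dropping `<script>` and event-handler attributes, it handles two cases a bleach-style sanitizer must get right: `javascript:` URLs smuggled past a naive prefix check with a tab or entity inside the scheme, and unbalanced input that would otherwise leave tags open in the rendered post.

```python
"""Allowlist HTML sanitizer (stdlib only).  Everything not explicitly
allowed is dropped: unknown tags, unknown attributes (so on* handlers
and style= never survive) and href/src values whose scheme is not
http, https, mailto or relative.  Added example; not the project's code."""
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Hypothetical allowlist chosen for this example only.
ALLOWED_TAGS = {"p", "br", "strong", "em", "u", "s", "a", "ul", "ol", "li",
                "blockquote", "code", "pre", "h1", "h2", "h3", "img"}
ALLOWED_ATTRS = {"a": {"href", "title"}, "img": {"src", "alt"}}
URL_ATTRS = {"href", "src"}
ALLOWED_SCHEMES = {"http", "https", "mailto"}
VOID_TAGS = {"br", "img"}                # never receive a closing tag
DROP_WITH_CONTENT = {"script", "style"}  # the tag and its text are removed


def safe_url(value):
    """True if the URL is relative or uses an allowed scheme.
    Browsers ignore tab/newline inside a URL, so "java\\tscript:" is
    javascript: to them; strip C0 controls before reading the scheme."""
    cleaned = "".join(ch for ch in value.strip() if ord(ch) > 0x1F)
    scheme = urlsplit(cleaned).scheme.lower()
    return scheme == "" or scheme in ALLOWED_SCHEMES


class AllowlistSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []        # sanitized output fragments
        self.stack = []      # open allowed tags, keeps output balanced
        self.skip_depth = 0  # > 0 while inside <script> / <style>

    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self.skip_depth += 1
            return
        if self.skip_depth or tag not in ALLOWED_TAGS:
            return  # tag dropped; its text still arrives via handle_data
        kept = []
        for name, value in attrs:
            if name not in ALLOWED_ATTRS.get(tag, set()):
                continue  # onerror=, onclick=, style=, ... all land here
            value = value or ""  # HTMLParser has already decoded entities
            if name in URL_ATTRS and not safe_url(value):
                continue
            kept.append(f' {name}="{escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")
        if tag not in VOID_TAGS:
            self.stack.append(tag)

    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT:
            self.skip_depth = max(0, self.skip_depth - 1)
            return
        if self.skip_depth or tag not in self.stack:
            return  # stray, unknown or void closing tag
        while True:  # close anything still open inside this element
            open_tag = self.stack.pop()
            self.out.append(f"</{open_tag}>")
            if open_tag == tag:
                break

    def handle_data(self, data):
        if not self.skip_depth:
            self.out.append(escape(data, quote=False))  # re-escape text

    # Comments, <!DOCTYPE>, <![CDATA[ and <?pi?> fall through to the
    # base class no-op handlers, so they are dropped from the output.


def sanitize(html):
    """Reduce html to the allowlist and return it with balanced tags."""
    parser = AllowlistSanitizer()
    parser.feed(html)
    parser.close()
    while parser.stack:  # input ended with elements still open
        parser.out.append(f"</{parser.stack.pop()}>")
    return "".join(parser.out)


if __name__ == "__main__":
    # Constructed sample inputs, not real posts.
    for sample in ('<img src=x onerror=alert(1)>',
                   '<a href="java&#09;script:alert(1)">x</a>',
                   '<script>alert(1)</script><p><strong>ok'):
        print(repr(sample), "->", repr(sanitize(sample)))
```

The important design choice is that text is re-escaped on output rather than passed through: the parser decodes `&lt;script&gt;` to `<script>` as data, and without re-escaping that text would become live markup. Note also that bleach itself has since been declared deprecated by its maintainers; the allowlist discipline above transfers unchanged to whatever library replaces it.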