Prevent XSS vulnerabilities in HTML files in testing pipeline

wesaynih / infrastructure

http://frameless.io/

Other

0 stars 1 forks source link

Open Robbert opened 8 years ago

Robbert commented 8 years ago

We should check at least all HTML files for common browser vulnerabilities as listed on http://html5sec.org

Try using the dompurify npm package to this end
Check image files like PNG and GIF that I remember can contain executable scripts.