Hi!
Does anybody know a ruby anti-xss library that passes all the cases
described in the xss cheat sheet (http://ha.ckers.org/xss.html)?
Thanks!
Ciao!
Florian
Florian W. wrote:
Does anybody know a ruby anti-xss library that passes all the cases
described in the xss cheat sheet (http://ha.ckers.org/xss.html)?
I’ve been an advocate of whitelisting before, but after reading this I
would never again use anything else. Don’t even try doing blacklisting.
It won’t work.