Forum: Ruby anti-xss library for ruby?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
966a441cce3f7cab1588082724c8ecb7?d=identicon&s=25 Florian Weber (Guest)
on 2005-12-20 14:27
(Received via mailing list)
Hi!

Does anybody know a ruby anti-xss library that passes all the cases
described in the xss cheat sheet (http://ha.ckers.org/xss.html)?

Thanks!

Ciao!
Florian
E0ed615bd6632dd23165e045e3c1df09?d=identicon&s=25 =?ISO-8859-1?Q?Florian_Gro=DF?= (Guest)
on 2005-12-20 22:00
(Received via mailing list)
Florian Weber wrote:

> Does anybody know a ruby anti-xss library that passes all the cases
> described in the xss cheat sheet (http://ha.ckers.org/xss.html)?

I've been an advocate of whitelisting before, but after reading this I
would never again use anything else. Don't even try doing blacklisting.
It won't work.
This topic is locked and can not be replied to.