Html escaping for security: howto in D?

aberba karabutaworld at gmail.com
Tue Jul 7 20:21:19 UTC 2020


On Tuesday, 7 July 2020 at 17:59:21 UTC, Fitz wrote:
> On Monday, 6 July 2020 at 15:13:30 UTC, aberba wrote:
>
>> If you want to completely removed all tags, 
>> https://code.dlang.org/packages/plain might be better.
>
> seems overkill, just implemented something simple:
> // 
> https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html

Again I'm not sure I really understood what you want. If you're 
trying to escape them with html entities, then my suggestions 
don't apply. I believe Adam (arsd) has some function in his 
library for doing html entities of tags.


More information about the Digitalmars-d mailing list