Oh, and by the way: can we make âthou shalt not sanitize HTML with regexpsâ a thing? It seems that not everybody heard that yet⌠#infosec #security #XSS
@WPalant You *can* do it correctly. Or is your point that you can but shouldn't, because it's easy to get wrong?
@varx Quite frankly: itâs extremely rare that this is done correctly.
@WPalant True, although it also depends on what kind of sanitization you want.
A Mastodon instance for info/cyber security-minded people.
@WPalant You *can* do it correctly. Or is your point that you can but shouldn't, because it's easy to get wrong?