Cross-site scripting attacks
Posted Apr 13, 2006 14:48 UTC (Thu) by kingdon
In reply to: Cross-site scripting attacks
Parent article: Cross-site scripting attacks
Yes, yes, yes! Thank you for saying this.
Some systems that get the quoting right: DOM, tinytemplate, XmlWriter, Amrita (a ruby template engine), probably a few others.
Some systems that get the quoting wrong: jsp, velocity, rhtml (a ruby template engine, alas more popular than Amrita), print statements, m4 (or anything else not specific to XML/HTML), etc, etc, etc.
Maybe others can augment these lists with some of the popular engines out there for python and others.
to post comments)