Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

xss on template engines #476

Closed
jknack opened this issue Sep 14, 2016 · 0 comments
Closed

xss on template engines #476

jknack opened this issue Sep 14, 2016 · 0 comments
Labels
enhancement
Milestone
1.0.0.CR8

Comments

@jknack
Copy link
Member

jknack commented Sep 14, 2016
edited
Loading

Template engines should expose (one way or another) available XSS escapers:

handlebars:

{{xss input "js" "html"}}

pebble:

{{xss(input, "js", "html")}}

freemarker:

${xss (input, "js", "html")}

jade:

p= xss.apply(input, "js", "html")

See #473 and #475
@jknack jknack added this to the 1.0.0 milestone Sep 14, 2016
@jknack jknack closed this as completed in a30b327 Sep 15, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
1.0.0.CR8
Development

No branches or pull requests
1 participant
@jknack