• #dev 2020-11-14
  • Prev
    Next
  • #indieweb
  • #dev
  • #wordpress
  • #meta
  • #stream
  • #microformats
  • #known
  • #events
#dev ≡
  • ←
  • →
2020-11-14 UTC
# 21:16
[Simon_Willison]
In that case I can trust the HTML because it’s from me, but I need to watch out for people writing SQL queries that generate HTML, e.g. https://til.simonwillison.net/til?sql=select+%27%3Cscript%3Ealert%28%22bad%22%29%3C%2Fscript%3E%27+as+html