Join our Updates

We send newly fresh and beautiful contents to your inbox regularly. Enjoy each premium newsletters in your mail.
First Name
Last Name
Email address
Your email will never be shared
diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)

Apr012009

Reducing XSS with Auto-Escaping in Template Systems

Google security team has introduced Automatic Context-Aware Escaping (Auto-Escape for short), a functionality added to two Google-developed general purpose template systems to better protect against Cross-Site Scripting (XSS). Consider the simplified template below in which double curly brackets {{ and }} enclose placeholders (variables) that are replaced with run-time content, presumed unsafe. In this template, four variables are used: USER_NAME, USER_ACCOUNT_URL, USER_COLOR, USER_ID

Full Article

Share This Story, Choose Your Platform!

Join our Updates

We send newly fresh and beautiful contents to your inbox regularly. Enjoy each premium newsletters in your mail.
First Name
Last Name
Email address
Your email will never be shared