Y
Hacker News
new
|
ask
|
show
|
jobs
by
zaarn
3136 days ago
Your backend should be double-checking any escaping the frontend does.
Otherwise you can throw your fancy anti-XSS on the frontend in the bin.
Also CSP helps.