Y
Hacker News
new
|
ask
|
show
|
jobs
by
runeks
2531 days ago
> The other fix is properly escaping things before sticking them in your markup.
Or simply not displaying user data using a markup language with built-in remote code execution.
1 comments
bzbarsky
2531 days ago
Well, yes, there are various levels of "thinking outside the box" here that could be applied.
link