|
|
|
|
|
|
by serious_habit
1623 days ago
|
|
|
If I'm reviewing code and someone is implementing escaping that's an immediate, massive, red flag. It's SO HARD to get right and there are many MANY libraries for doing it correctly. The scary thing is how many bugs still make it into these libraries. Strongly prefer using an established library and see designs such as https://web.dev/trusted-types. |
|
|