by joquarky
865 days ago
If you are concatenating strings of HTML, you are basically asking for an injection attack. There are lightweight frameworks (like Knockout) that keep things simple but keep you safe with bindings, without giving up control to a bigger framework.
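The difference the comment describes, as an added example that is not part of the original comment and is not Knockout's code: string concatenation lets data become markup, while a template that escapes every interpolated value keeps data as text, which is the property a text binding gives you. All function names are hypothetical and the input is constructed.

```javascript
// Constructed sample input: a "display name" supplied by an untrusted user.
const untrustedName = '<img src=x onerror="alert(1)">';

// BEFORE: data is spliced into markup, so the HTML parser treats it as markup.
function renderByConcat(name) {
  return '<li class="user">' + name + '</li>';
}

// Escape the characters that can change parsing context in element
// content and in quoted attribute values.
const ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => ESCAPES[ch]);
}

// AFTER: a tagged template keeps the literal markup (written by the developer)
// separate from the interpolated values (data) and escapes only the data.
function html(strings, ...values) {
  return strings.reduce(
    (out, part, i) => out + part + (i < values.length ? escapeHtml(values[i]) : ''),
    ''
  );
}

function renderByTemplate(name) {
  // The same value is used in a quoted attribute and in element content.
  return html`<li class="user" title="${name}">${name}</li>`;
}

// Defensive check: after removing the <li> tags the template itself wrote,
// any remaining "<" means the data introduced markup of its own.
function hasUnexpectedMarkup(rendered) {
  const withoutTemplateTags = rendered.replace(/<\/?li\b[^<>]*>/g, '');
  return withoutTemplateTags.includes('<');
}

console.log(renderByConcat(untrustedName));
console.log(renderByTemplate(untrustedName));
console.log(hasUnexpectedMarkup(renderByConcat(untrustedName)));   // data became a tag
console.log(hasUnexpectedMarkup(renderByTemplate(untrustedName))); // data stayed text
```

In a browser the same separation comes from assigning to `textContent` or using Knockout's `text` binding instead of building an HTML string.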