by rebane2001 190 days ago
> Because it's pretty much the only thing you can do when sanitizing server-side

I'd suggest not sanitizing user-provided HTML on the server. It's totally fine to do if you're fully sanitizing it, but gets a little sketchy when you want to keep certain elements and attributes.