Hacker News
by evilpie 118 days ago
Using an allowlist-based Sanitizer, you are definitely less likely to shoot yourself in the foot, but as long as you use setHTML you can't introduce XSS at least.