by jonrimmer 4381 days ago
Um, the "people writing HTML" have done a lot of work to prevent XSS, by introducing Content-Security-Policy and other HTTP headers: http://ibuildings.nl/blog/2013/03/4-http-security-headers-yo...

The main problem is backwards compatibility, as older browsers don't support them, but the idea that people have their head in the sand re. XSS is complete nonsense.