Hacker News new | ask | show | jobs
by mp4box 4245 days ago
Off-topic: You might wanna sanitize user input

http://www.aggreddit.com/?r=%3Cscript%3Ealert%28%27xss%27%29...
1 comments
legato 4244 days ago
Thanks! Should be fixed now.
link
mp4box 4244 days ago
It seems not:

http://www.aggreddit.com/?r=%22%3C%2Fa%3E+%3Cscript%3Ealert%...

link
sarciszewski 4244 days ago
Yikes. :)

OP, you might want to check out HTML Purifier (if you're using PHP) and htmlentities().

link