Insane in the IFRAME -- The case for client-side HTML sanitizationInsane in the IFRAME -- The case for client-side HTML sanitization Server-side HTML sanitization is a familiar web application building block, yet despite years of offensive security research, defensive “sanitizer science†is still a kind of voodoo magic. This talk will make the case that as server-side HTML sanitizers lack the ability to effectively simulate every potential user agent, the client
GitHub - microsoft/JSanity: A secure-by-default, performance, cross-browser client-side HTML sanitization library
{{#tags}}- {{label}}
{{/tags}}