Come for the quick hacks, stay for the epiphanies. | |
PerlMonks |
Re: Input Validation and pattern matching in Template Toolkitby nikosv (Deacon) |
on Jun 20, 2018 at 20:45 UTC ( [id://1217063]=note: print w/replies, xml ) | Need Help?? |
There's just too many Context/attack vectors for the the template to handle;there's the CSS context,the Javascript,the URL, the HTML, the JSON...The Perl counterpart,which I don't know what that would be, of an anti-XSS library such as Coverity's is recommended.
For example,have a look at the various escapers offered by this library:
https://coverity.github.io/coverity-security-library/com/coverity/security/Escape.html
In Section
Seekers of Perl Wisdom
|
|