[Cryptography] filtering html
Marshall Pierce
marshall at mpierce.org
Sun Oct 15 18:27:17 EDT 2017
On 10/15/2017 03:43 AM, James A. Donald wrote:
> It looks like Github Flavored Markdown is Github's solution to this
> problem.
>
> Instead of attempting the Herculean task of sanitizing arbitrary user
> supplied html, they give the user a language that is less dangerously
> powerful.
Non-HTML markup languages (like Markdown, and BBCode before it) are one
approach, but there are tools for constraining input to a safer subset
of HTML, like AntiSamy:
https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project.
-Marshall
More information about the cryptography
mailing list