XSS validation: Is it safe to check only if value contains <> and < >

后端未结

关注

 0  368

I\'ve been doing server side XSS validation. Here is what I found to use: List of forbidden attributes: javascript:,mocha:,eval(,alert(,vbscript:,livescript:,expressio


                      
              相关标签: