http://simonwillison.net/2007-03-12T00:34:16+00:00Simon Willison2007-03-12T00:34:16+00:002007-03-12T00:34:16+00:00https://simonwillison.net/2007/Mar/12/xss/#atom-tag

<p><strong><a href="http://golem.ph.utexas.edu/~distler/blog/archives/001181.html">XSS</a></strong></p> Sanitising HTML is an extremely hard problem. The sanitize helper that ships with Rails is completely broken; Jacques Distler provides a better alternative. <p>Tags: <a href="https://simonwillison.net/tags/jacques-distler">jacques-distler</a>, <a href="https://simonwillison.net/tags/rails">rails</a>, <a href="https://simonwillison.net/tags/security">security</a>, <a href="https://simonwillison.net/tags/xss">xss</a></p>