We use cookies on our website to improve the performance and content of the site. The cookies enable us to provide a more individual user experience and social media channels.
Cookie settings
We use cookies to ensure the basic functionalities of the website and to enhance your online experience. You can choose for each category to opt-in/out whenever you want.
These cookies are essential for the proper functioning of my website. Without these cookies, the website would not work properly.
Type
Name
Service
Description
Cookie
_session_id
This website
Allows websites to remember user within a website when they move between web pages.
Cookie
decidim-consent
This website
Stores information about the cookies allowed by the user on this website.
These cookies allow the website to remember the choices you have made in the past
Analytics cookies are cookies that track how users navigate and interact with a website. The information collected is used to help the website owner improve the website.
These cookies collect information about how you use the website, which pages you visited and which links you clicked on.
Oooops! Your network is offline. This is a previously cached version of the page you're visiting, perhaps the content is not up to date.
Comment details
You are seeing a single comment
View all comments
I find this a simple solution and fast to apply.
And will avoid us having to take care of all the owasp recommendations: https://cheatsheetseries.owasp.org/cheatsheets/CrossSiteScriptingPreventionCheat_Sheet.html
On the other way it leaves current proposals with links broken, so it breaks compatibility. To keep compatibility we can apply strip_links prior to strip_tags, and then auto_link: autolink(striptags(strip_links(text)))
Loading comments ...