How to sanitize inputs in a web application?

Hello! I have a Web Application built with Python Flask as the backend. I want to sanitize my inputs for JSON data before returning to the frontend.

So my question is: What should be sanitized? Biggest concern is XSS attacks, so would it be sufficient enough to only sanitize <script></script> tags? i.e. replace <script> with &lt;script&gt;... Is there any other point of attack when it comes to HTML within the response? I currently have it replacing the script tags with regex but if you have a better suggestion for best practices I'm all ears!

Thanks in advance!~

Posted
4 years ago
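
The following is an added example, not part of the original post: it compares a script-tag-only regex filter like the one the question describes with encoding every HTML-significant character, using only the Python standard library. The function names, the regex and the sample strings are constructed for illustration.

```python
import html
import re

# Hypothetical reconstruction of the approach in the question:
# rewrite only <script> / </script> tags, leave everything else untouched.
SCRIPT_TAG = re.compile(r"</?script[^>]*>", re.IGNORECASE)
# Rough check for "the browser would still see a tag here".
MARKUP = re.compile(r"<[a-zA-Z/!]")

def script_only_filter(value: str) -> str:
    return SCRIPT_TAG.sub(lambda m: html.escape(m.group(0)), value)

def escape_for_html(value: str) -> str:
    """Encode every HTML-significant character: & < > " and '."""
    return html.escape(value, quote=True)

def escape_json_strings(data):
    """Recursively escape string values in a JSON-like structure.
    Assumes keys are server-defined, so only values are encoded."""
    if isinstance(data, str):
        return escape_for_html(data)
    if isinstance(data, list):
        return [escape_json_strings(v) for v in data]
    if isinstance(data, dict):
        return {k: escape_json_strings(v) for k, v in data.items()}
    return data

def contains_markup(value: str) -> bool:
    return bool(MARKUP.search(value))

# Constructed sample inputs: one script tag, three that need no script tag,
# and one benign string that must survive readable.
SAMPLES = [
    "<script>alert(1)</script>",
    "<img src=x onerror=alert(1)>",
    '<a href="javascript:alert(1)">profile</a>',
    "<svg onload=alert(1)>",
    "Tom & Jerry <3",
]

def audit(samples):
    """Return (sample, markup left by script filter, markup left by escaping)."""
    return [(s, contains_markup(script_only_filter(s)),
             contains_markup(escape_for_html(s))) for s in samples]

if __name__ == "__main__":
    for sample, after_filter, after_escape in audit(SAMPLES):
        print(f"{sample!r:45} filter leaves markup: {after_filter!s:5} "
              f"escape leaves markup: {after_escape}")
```

If the frontend already writes these values with `textContent` or an auto-escaping template, escaping on the server as well will double-encode them, so apply the encoding once, at the point where the value enters HTML.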