How to make xss safe strings

James Matthews nytrokiss at gmail.com
Thu Aug 21 07:57:51 CEST 2008


If you are using a framework there should be a urlencode feature within the
framework.

On Wed, Aug 20, 2008 at 8:58 PM, Dan Bishop <danb_83 at yahoo.com> wrote:

> On Aug 20, 10:10 pm, Roopesh <roopesh.... at gmail.com> wrote:
> > Hi,
> >
> > How can I make a string XSS safe? Will
> > simply .replace('<','<').replace('>','>').... do the work? Or
> > are there some other issues to take into account?. Is there already a
> > function in python which will do this for me.
>
> For HTML, use the cgi.escape function.
> --
> http://mail.python.org/mailman/listinfo/python-list
>



-- 
http://www.goldwatches.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-list/attachments/20080820/02012c3c/attachment.html>


More information about the Python-list mailing list