@jcoglan @bascule @benjamin_smith isn't XSS a solved problem in Yesod, the Haskell web framework?
-
-
Replying to @EyalL
@EyalL@jcoglan@benjamin_smith how can XSS be a "solved problem" anywhere? Rails auto-escapes everything now and people still screw it up1 reply 0 retweets 0 likes -
Replying to @bascule
@bascule@jcoglan@benjamin_smith Not a Yesod user but know its basics. Is the XSS despite the escaping or due to missed unescaped strings?1 reply 0 retweets 0 likes
Replying to @EyalL
@EyalL @jcoglan @benjamin_smith escaping errors, pulling in malicious 3rd party scripts, anyone compromising any script you load anywhere
5:34 PM - 31 Jan 2013
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.