@slightlylate Nope. It's rather work to find tag that *would* escape HTML. @BrendanEich @mvsamuel @ErikArvidsson @bradneuberg @wycats
@RReverser: hahahahahahahaha....oh god it hurts
/cc @wycats @mvsamuel @BrendanEich @ErikArvidsson @bradneuberg
-
-
@wycats: you don't concat strings for fun (or you'd use another data type) they *go* places /cc@RReverser@mvsamuel@BrendanEich - 4 more replies
New conversation -
-
@slightlylate dude, that’s not ok.@RReverser@wycats@mvsamuel@BrendanEich@ErikArvidsson@bradneuberg -
@rwaldron : which, the bit where@RReverser casually ignored how xss & sqli happen in most server environments? Agree. - 3 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
& Web Standards TL; Blink API OWNER
Named PWAs w/
DMs open. Tweets my own; press@google.com for official comms.