Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
m0ody2014-09-27 20:38:06
Django
m0ody, 2014-09-27 20:38:06

JSON - how to properly protect against XSS?

There is an application on django that gives all the data in json format. On the frontend, this data is rendered. It is necessary to protect against XSS attacks.
To encode to json I use the json library from the python standard library.
1. Will it be enough if I go through the array that needs to be sent to the frontend and process all the string data with the django.utils.html.escape function?
2. Is there a way to hang a hook in the json library that would allow string parameters to be processed during the conversion to json?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
X
xmoonlight, 2014-09-28
@xmoonlight

only server regexp to check.... fast, simple, understandable.

Similar questions
A
Arman2020-10-31 11:46:53
Can I get data from the root tag? 4Reply
A
Animkim2016-06-01 11:20:49
Sending letters, how to implement on Django? 2Reply
A
Alexander2016-06-01 16:00:53
Ajax search engine in admin? 1Reply
L
Luka Tarkhnishvili2020-09-10 13:42:18
How to set up a Django ASGI project on Ubuntu? 0Reply
I
Ilya Pochepko2016-06-02 13:21:57
How to implement automatic file save path generation in Django? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question