Django
m0ody, 2014-09-27 20:38:06

JSON - how to properly protect against XSS?

There is a Django application that returns all of its data in JSON format. The frontend renders this data. It needs to be protected against XSS attacks.
To encode to JSON I use the json library from the Python standard library.
1. Will it be enough if I go through the array that needs to be sent to the frontend and process all the string data with the django.utils.html.escape function?
2. Is there a way to attach a hook to the json library that would allow string parameters to be processed during the conversion to JSON?


1 answer(s)
xmoonlight, 2014-09-28
@xmoonlight

Only a server regexp to check... fast, simple, understandable.
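
An added example (not part of the original thread) of the hook asked about in point 2 of the question, combined with the per-string escaping from point 1. The names `escape_strings`, `EscapingJSONEncoder` and `render_payload` are hypothetical, the sample payload is constructed, and the standard library's `html.escape` stands in for `django.utils.html.escape` so the block runs without Django installed.

```python
import json
from html import escape  # assumption: stand-in for django.utils.html.escape


def escape_strings(value):
    """Recursively HTML-escape every string in a JSON-serialisable structure."""
    if isinstance(value, str):
        return escape(value)  # escapes & < > " '
    if isinstance(value, dict):
        # Keys can end up in the rendered page as well, so escape them too.
        return {
            (escape(k) if isinstance(k, str) else k): escape_strings(v)
            for k, v in value.items()
        }
    if isinstance(value, (list, tuple)):
        return [escape_strings(v) for v in value]
    return value  # numbers, booleans and None pass through unchanged


class EscapingJSONEncoder(json.JSONEncoder):
    """JSONEncoder.default() is never called for str values, so the hook
    has to sit in front of the encoder rather than in default().
    Strings returned by a custom default() are not covered here."""

    def encode(self, o):
        # A top-level str takes a shortcut in the base class that skips
        # iterencode(), so it is escaped here; everything else is escaped
        # exactly once in iterencode() below.
        if isinstance(o, str):
            o = escape(o)
        return super().encode(o)

    def iterencode(self, o, _one_shot=False):
        return super().iterencode(escape_strings(o), _one_shot)


def render_payload(data):
    """Serialise data for the frontend with all strings HTML-escaped."""
    return json.dumps(data, cls=EscapingJSONEncoder)


if __name__ == "__main__":
    # Constructed sample payload containing markup in string fields.
    sample = {"name": "<script>alert(1)</script>", "tags": ["a&b", 3], "ok": True}
    print(render_payload(sample))
```

Strings escaped this way match a frontend that inserts them as HTML; a frontend that assigns them through `textContent` will display the entities literally.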
