Perl
jsr, 2013-04-25 12:19:32

XSS and escaping?

Where is it better to do the escaping: on the client or on the server?
Of course, I am convinced that the server should do this, since it is better suited to it and has a bunch of all sorts of methods for it. On the client, you need to monitor data entry and spend time processing string data.
Share your experience.


2 answer(s)
jov, 2013-04-25
@jov

The client cannot be trusted! Only on the server.

Stdit, 2013-04-25
@Stdit

If the HTML is generated on the server, then the escaping is done on the server.
If it is generated on the client, then the data is escaped within JSON (or whatever format it arrives in from the server), and the HTML escaping can be performed by a JavaScript template engine.
Also, I didn't understand what Perl has to do with this.
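
The split described in the second answer (escape for JSON in transport, escape for HTML in the template engine), as an added example that is not part of the original answers. The function names `escapeHtml`, `render` and `toInlineJson` and the sample comment are constructed for illustration.

```javascript
// Added example: all names and sample data are constructed for illustration.

// HTML-escape a value for element content or a quoted attribute value.
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Minimal template engine: every {{key}} placeholder is escaped on output,
// and only the data object's own properties are looked up.
function render(template, data) {
  return template.replace(/\{\{\s*(\w+)\s*\}\}/g, (_, key) =>
    Object.prototype.hasOwnProperty.call(data, key) ? escapeHtml(data[key]) : "");
}

// Server side: serialize data as JSON. JSON.stringify handles quotes and
// backslashes; when the JSON is inlined into a <script> block, "<" must also
// be written as \u003c so a string value cannot close the script element.
function toInlineJson(data) {
  return JSON.stringify(data)
    .replace(/</g, "\\u003c")
    .replace(/\u2028/g, "\\u2028")
    .replace(/\u2029/g, "\\u2029");
}

// Constructed comment as a user might submit it.
const comment = { author: 'Bob "the" <admin>', text: "</script><script>alert(1)</script>" };

// 1. The server sends the raw value, escaped only for its transport format.
const wire = toInlineJson(comment);

// 2. The client parses it back to exactly the original strings ...
const received = JSON.parse(wire);

// 3. ... and escapes for HTML only at the moment it builds markup.
const html = render('<p title="{{author}}">{{text}}</p>', received);

console.log(wire);
console.log(html);
```

The stored and transmitted value stays unescaped; each output context (JSON, HTML) applies its own escaping at the point of output, so the same data can be rendered safely by either the server or the client.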
