10. Preventing Cross Site Scripting Vulnerabilities

• 10.1. Preventing Cross Site Scripting Vulnerabilities
  • 10.1.1. Philosophy and General Rules
  • 10.1.2. Types of Context and Escaping
  • 10.1.3. Editing Template Files
  • 10.1.4. Making Legacy Mako Templates Safe by Default
  • 10.1.5. XSS Linter
  • 10.1.6. Advanced Topics
  • 10.1.7. Additional Resources
• 10.2. Preventing XSS by Stripping HTML Tags
  • 10.2.1. Overview
  • 10.2.2. Mako filters for bleaching
  • 10.2.3. Strip all HTML tags
  • 10.2.4. Strip all but safe HTML tags
• 10.3. Preventing XSS in Django Templates
  • 10.3.1. HTML-escaping Translations in Django Templates
• 10.4. Preventing XSS in React
  • 10.4.1. i18n and Translations