#27 Cross Site Scripting

May 04, 2007 | 5 minutes | Views, Security

Another common security issue is cross site scripting. In this episode you will see why it is so important to escape any HTML a user may submit.

Download:
mp4Full Size H.264 Video (9.8 MB)
m4vSmaller H.264 Video (6.74 MB)
webmFull Size VP8 Video (19.3 MB)
ogvFull Size Theora Video (14.3 MB)

          rhtml
        
<%=h comment.content %>

          ruby
        
CGI::escapeHTML(...)