Output encoding is a powerful defense against cross-site script (XSS) attacks. Output encoding clearly marks information in web pages as data so the browser will not execute the snippet even if the snippet happens to be a script. Watch this video to see output encoding controls in action.
Jeremy Druin
How Output Encoding Stops Cross-site Script (XSS) Attacks
Updated: Feb 22, 2021
Комментарии