dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update CrossSiteScripting_content9.adoc

Browse Source 
Fix broken resource link
This commit is contained in:
Jacob Skiba 2019-08-06 05:26:05 -04:00 committed by GitHub
parent 18eee4df58
commit 7d9f24c86b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
webgoat-lessons/cross-site-scripting/src/main/resources/lessonPlans/en/CrossSiteScripting_content9.adoc
View File

@ -39,7 +39,7 @@ _$selector.*text*(someEncodeHtmlMethod(userInputHere))_
http://underscorejs.org/#template
https://nvisium.com/blog/2015/05/21/dont-break-your-backbone-xss-mitigation/
https://nvisium.com/blog/2015/05/21/dont-break-your-backbone-xss-mitigation.html
==== Angular
Angular has sought to escape by default, but the expression language has proven to have 'sandbox' escapes. Best to check