Back to the Learning

Beep Beep. Subscription Required.

Laracasts is packed full with over 1,500 lessons just like this one.
Sign up to get full access or log in to your account and sit back.

Your Teacher | Jeffrey Way

https://laracasts.s3.amazonaws.com/avatars/jeffrey-avatar.jpg's avatar
Hi, I'm Jeffrey. I'm the creator of Laracasts and spend most of my days building the site and thinking of new ways to teach confusing concepts. I live in Orlando, Florida with my wife and two kids.

About This Episode

Published on Jan 2nd, 2018

When building web applications, always assume that the user is malicious. As such, any time you accept and display user input, sanitize it first. Think of this as the equivalent of throwing their input into a sink filled with soapy water. The goal is to clean that HTML as best as we can. Scrub it down in preparation for display. Script tag? Sorry, but no. Inline styles? See ya. Click event handlers? Hell no.

View the source code for this episode on GitHub.

Episodes

    1. WYSIWYG

      15:28
Back to Series Button