Monthly Archives: October 2012

XSS sanitization on Django – variables and templates

XSS attacks allow a user to inject client-side scripts into the browsers of other users. Using Django templates protects you against the majority of XSS attacks. To do this you need to protect your templates with this code:

If you need to disable auto-escaping for an individual variable, then use the safe filter:
