XSS sanitization in Django: variables and templates

XSS attacks allow a user to inject client-side scripts into the browsers of other users.

Using Django templates protects you against the majority of XSS attacks.

To do this, you need to protect your templates with the following code:

If you need to disable auto-escaping for an individual variable, then use the safe filter:
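As an added example, not the post's own code and not Django itself: the small Python model below reproduces what Django's auto-escaping does to a template variable and how the safe filter opts a single variable out of it. The names SafeString, mark_safe, escape and conditional_escape are modelled on Django's, the escape table is the same one Django uses (Python's html.escape), and the render() function with its {{ var }} / {{ var|safe }} placeholder regex and the autoescape flag (standing in for the autoescape on/off block tag) are assumptions of this example, constructed so it runs without Django installed.

```python
"""Model of Django's template auto-escaping and the |safe filter.

Constructed example: it reimplements the escaping rule and the
"safe string" marker so the behaviour can be run without Django.
"""
import html
import re


class SafeString(str):
    """A str whose content is trusted HTML and must not be escaped again
    (modelled on django.utils.safestring.SafeString)."""


def mark_safe(s) -> SafeString:
    # Marks a value as trusted markup; only ever do this for markup you control
    return SafeString(s)


def escape(s) -> SafeString:
    # Like Django's escape(): &, <, >, " and ' are replaced, and the result
    # is marked safe so it is not escaped a second time
    return SafeString(html.escape(str(s), quote=True))


def conditional_escape(value) -> SafeString:
    # Escape unless the value is already marked safe (no double escaping)
    if isinstance(value, SafeString):
        return value
    return escape(value)


# Hypothetical mini template syntax: {{ name }} with optional |filter chain
VAR_RE = re.compile(r"\{\{\s*(\w+)((?:\|\w+)*)\s*\}\}")


def render(template: str, context: dict, autoescape: bool = True) -> str:
    """Render {{ var }} and {{ var|safe }} placeholders the way Django would.

    autoescape=True is Django's default; autoescape=False stands in for
    wrapping the block in {% autoescape off %} ... {% endautoescape %}.
    """
    def substitute(match):
        name, filters = match.group(1), match.group(2)
        value = context.get(name, "")  # missing variables render as empty
        if "safe" in filters.split("|"):
            value = mark_safe(value)   # {{ var|safe }} opts this variable out
        if autoescape:
            return str(conditional_escape(value))
        return str(value)

    return VAR_RE.sub(substitute, template)


# Constructed sample inputs: one attacker-controlled comment, one trusted note
UNTRUSTED = '<script>alert("xss")</script>'
TRUSTED_MARKUP = "<em>Editor's note</em>"


def demo() -> dict:
    """Return the three renderings side by side for inspection."""
    return {
        # default: the payload is rendered as inert text
        "escaped": render("<p>{{ comment }}</p>", {"comment": UNTRUSTED}),
        # |safe on markup you wrote yourself passes it through untouched
        "safe": render("<p>{{ note|safe }}</p>", {"note": TRUSTED_MARKUP}),
        # autoescape off on untrusted input is exactly the XSS case
        "autoescape_off": render("<p>{{ comment }}</p>",
                                 {"comment": UNTRUSTED}, autoescape=False),
    }


if __name__ == "__main__":
    for label, output in demo().items():
        print(f"{label:15} {output}")
```

The point to take from the third rendering is that autoescape off and the safe filter have the same effect: whatever reaches the variable is emitted verbatim, so they belong only on values your own code produced, never on anything that came from a request, a form or a database field a user can write to.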

