XSS sanitization on django – variables and templates

By | 02/10/2012

XSS attacks allow a user to inject client side scripts into the browsers of other users.

Using Django templates protects you against the majority of XSS attacks.

To do this you need to protect your templates this code:

If you need to disable auto-escaping for an individual variable, then use the safe filter:

Read more about this here.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.