LinkedInTwitterFacebook

XSS sanitization on django – variables and templates

XSS attacks allow a user to inject client side scripts into the browsers of other users.

Using Django templates protects you against the majority of XSS attacks.

To do this you need to protect your templates this code:

If you need to disable auto-escaping for an individual variable, then use the safe filter:

Read more about this here.