Tag
sanitization
Safeguard articles tagged "sanitization" — guides, analysis, and best practices for software supply chain and application security.
3 articles
AppSec
react-quill and Quill: XSS History and Safe Rich-Text Editing
Using Quill in React means understanding CVE-2021-3163, the react-quill maintenance gap, and why editor output must always be sanitized server-side before display.
Aug 14, 20256 min read
AppSec
Showdown Markdown Converter: XSS Risks and Safe Configuration
The npm showdown library converts Markdown to HTML without sanitizing it — by design. Here is where the XSS risk actually lives and how to render untrusted Markdown safely.
May 15, 20257 min read
AppSec
The xss npm Package: Sanitizing HTML Input Correctly
The xss npm package is a whitelist-based HTML sanitizer for Node and the browser. It works well — when you sanitize in the right place, with the right whitelist, for the right output context.
Jan 27, 20257 min read