Talk:DOM Based XSS

From OWASP
Jump to: navigation, search

I’d really like to find examples of code and malicious input illustrating scenario where ESAPI encodeForHTML wouldn't be sufficient and encodeForHTMLAttribute would remediate vulnerability.