HTML Entity Encoding

Revision as of 12:54, 15 November 2012 by Micheal w s mcnamee

HTML entity encoding is useful because HTML entities are 'inert' in most interpreters, especially browsers: the interpreter renders an entity as a literal character instead of treating it as markup. This means that even if an attacker tricks your application into sending malicious code to another user's browser, the attack won't execute.
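
The 'inert' behaviour can be checked by feeding rendered output to an HTML parser and comparing what it sees with and without encoding. This is an added example, not part of the original page: the templates `render_body` and `render_attr` and the sample inputs are constructed for illustration, and Python's `html.parser` stands in for a browser's parser.

```python
from html import escape
from html.parser import HTMLParser

# Constructed sample inputs (not from the original page).
BODY_INPUT = '<img src=x onerror=alert(1)>'
ATTR_INPUT = '" onmouseover="alert(1)'

class MarkupRecorder(HTMLParser):
    """Records what an HTML parser treats as markup and what it treats as text."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.tags, self.text = [], []

    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, dict(attrs)))

    def handle_data(self, data):
        self.text.append(data)

def parse(fragment):
    """Return (list of (tag, attributes), concatenated text) for a fragment."""
    rec = MarkupRecorder()
    rec.feed(fragment)
    rec.close()
    return rec.tags, "".join(rec.text)

def render_body(user_text, encode):
    """Hypothetical template: user text placed in element content."""
    return "<p>{}</p>".format(escape(user_text) if encode else user_text)

def render_attr(user_text, encode):
    """Hypothetical template: user text placed in a double-quoted attribute."""
    value = escape(user_text, quote=True) if encode else user_text
    return '<p title="{}">note</p>'.format(value)

if __name__ == "__main__":
    for render, sample in ((render_body, BODY_INPUT), (render_attr, ATTR_INPUT)):
        for encode in (False, True):
            html_out = render(sample, encode)
            tags, text = parse(html_out)
            print(f"encode={encode!s:5} {html_out}\n    tags={tags} text={text!r}")
```

The check covers only the two contexts these templates use: element content and a double-quoted attribute value.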