Talk:DOM Based XSS

De OWASP
Saltar a: navegación, buscar

I’d really like to find examples of code and malicious input illustrating scenario where ESAPI encodeForHTML wouldn't be sufficient and encodeForHTMLAttribute would remediate vulnerability.