• Alien Nathan Edward@lemm.ee · 24 up, 4 down · 9 months ago

    I work on a Web app and we recently decided that we’re just not gonna support double quotes in free text fields because oh holy balls what a thing it is to try to deal with those in a way that doesn’t open you up to multiple encoding vulnerabilities.