Most HTML templating languages are written incorrectly. “If you ever find yourself in the position of designing an html template language, please make the default behavior when including variables be to HTML-escape them.” I couldn’t agree more.
Recent articles
- Phoenix.new is Fly's entry into the prompt-driven app development space - 23rd June 2025
- Trying out the new Gemini 2.5 model family - 17th June 2025
- The lethal trifecta for AI agents: private data, untrusted content, and external communication - 16th June 2025