18th December 2021
TIL
Safely outputting JSON
— Carelessly including the output of `json.dumps()` in an HTML page can lead to an XSS hole, thanks to the following:
Recent articles
- Perhaps not Boring Technology after all - 9th March 2026
- Can coding agents relicense open source through a “clean room” implementation of code? - 5th March 2026
- Something is afoot in the land of Qwen - 4th March 2026