18th December 2021
TIL
Safely outputting JSON
— Carelessly including the output of `json.dumps()` in an HTML page can lead to an XSS hole, thanks to the following:
Recent articles
- The new GPT-5.6 family: Luna, Terra, Sol - 9th July 2026
- sqlite-utils 4.0, now with database schema migrations - 7th July 2026
- sqlite-utils 4.0rc2, mostly written by Claude Fable (for about $149.25) - 5th July 2026