Simon Willison’s Weblog

18th December 2021

None

TIL Safely outputting JSON — Carelessly including the output of `json.dumps()` in an HTML page can lead to an XSS hole, thanks to the following:

Posted 18th December 2021 at 1:06 am

Recent articles

Notes on the xAI/Anthropic data center deal - 7th May 2026
Live blog: Code w/ Claude 2026 - 6th May 2026
Vibe coding and agentic engineering are getting closer than I'd like - 6th May 2026

This is a beat by Simon Willison, posted on 18th December 2021.

Monthly briefing

Sponsor me for $10/month and get a curated email digest of the month's most important LLM developments.

Pay me to send you less!

Sponsor & subscribe