18th December 2021
TIL
Safely outputting JSON
— Carelessly including the output of `json.dumps()` in an HTML page can lead to an XSS hole, thanks to the following:
Recent articles
- Datasette Apps: Host custom HTML applications inside Datasette - 18th June 2026
- GLM-5.2 is probably the most powerful text-only open weights LLM - 17th June 2026
- Publishing WASM wheels to PyPI for use with Pyodide - 13th June 2026