4 points | by thangqt 18 hours ago ago
1 comments
This piece of code in hackernews.go could lead to XSS I think
// Main post content (for text posts) if thread.Content != "" { html.WriteString(`<div class="hn-content">`) html.WriteString(thread.Content) html.WriteString(`</div>`)
}
This piece of code in hackernews.go could lead to XSS I think
// Main post content (for text posts) if thread.Content != "" { html.WriteString(`<div class="hn-content">`) html.WriteString(thread.Content) html.WriteString(`</div>`)
}