| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Remove forward-slash escape (#486) |  Alex Wennerberg | 2021-05-17 | 1 | -1/+0 |
| | | | | | | | | | | | | | | | | This was based off of the OWASP XSS prevention cheat sheet -- https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html#output-encoding-rules-summary However, there isn't really any attack vector based on forward slash alone, and it's being removed in the next version of that document. > There is no proof that escaping forward slash will improve > defense against XSS, if all other special characters are escaped > properly, but it forces developers to use non-standard implementation of > the HTML escaping, what increases the risk of the mistake and makes the > implementation harder. https://github.com/OWASP/CheatSheetSeries/pull/516 | ||||
| * | Add no_std support to askama_escape |  Wim Looman | 2021-01-15 | 1 | -3/+10 |
| | | |||||
| * | Update `EscapeWriter` HTML implementation to not output empty strings |  Ciprian Dorin Craciun | 2020-05-24 | 1 | -1/+5 |
| | | |||||
| * | Update formatting |  Dirkjan Ochtman | 2019-07-25 | 1 | -4/+1 |
| | | |||||
| * | Change askama_escape to require UTF-8 strings |  Ram Kaniyur | 2019-06-14 | 1 | -24/+25 |
| | | |||||
| * | Specify a trait that handles the output format's escaping | Dirkjan Ochtman | 2019-01-12 | 1 | -55/+108 |
| | | |||||
| * | Slightly simplify escaping code | Dirkjan Ochtman | 2019-01-12 | 1 | -19/+21 |
| | | |||||
| * | Improved rendering time (#190) |  yossyJ | 2019-01-06 | 1 | -1/+23 |
| | | | | | | | * Improved rendering time * Fix useless codes | ||||
| * | Use 2018 edition idioms | Dirkjan Ochtman | 2018-12-08 | 1 | -3/+3 |
| | | |||||
| * | Create askama_escape crate |  bott | 2018-11-07 | 1 | -0/+100 |
 |
index : askama | |
| [no description] | git repository hosting |
| aboutsummaryrefslogtreecommitdiffstats |