diff options
author | Harald Eilertsen <haraldei@anduin.net> | 2022-03-20 12:57:42 +0100 |
---|---|---|
committer | Harald Eilertsen <haraldei@anduin.net> | 2022-03-20 15:34:24 +0100 |
commit | 8c19ab8f9f47a522ad2b929495f3b5821efd2f34 (patch) | |
tree | 11b60be2ec18f48734665495353bc44424981d70 /doc/filesync.md | |
parent | 30ae198b898a987e0d934a0e049cc6811f500475 (diff) | |
download | volse-hubzilla-8c19ab8f9f47a522ad2b929495f3b5821efd2f34.tar.gz volse-hubzilla-8c19ab8f9f47a522ad2b929495f3b5821efd2f34.tar.bz2 volse-hubzilla-8c19ab8f9f47a522ad2b929495f3b5821efd2f34.zip |
Add helper to escape URLs.
The escaping makes the URL safe for display and for use in HTML element
attributes (such as href="..." etc), but does not guarantee that the URL
itself is valid after conversion. This should be good enough for
mitigating XSS issues caused by injecting html or javascript into a URL.
Also probably good enough for _most_ normal URLs, but there may be
devils hidden in the details somewhere.
Diffstat (limited to 'doc/filesync.md')
0 files changed, 0 insertions, 0 deletions