Challenge: Render User-provided Content
Practice what we've learned about application security.
We'll cover the following...
Problem statement
There are certain situations in which a website might receive a text or HTML string from the server to render. Some websites might allow trusted administrators to write or generate an HTML snippet that should be injected. Other websites might use a rich-text editor to allow users to create content. Usually, these editors output HTML markup that ...