Python Strings Security

/ Strings

S R Q

Python Strings Security

Prevent XSS with html.escape()
Sax library escape(), faster

import html
s = html.escape(s)

Escape

Prevent xss attacks with html escape.

 
""" XSS
Prevent cross site scriting attacks
Escape html tags with html library
"""
import html

a = """& < " ' >"""
x = html.escape(a)

b = "<script>alert('hack');</script>"
y = html.escape(b)

print(x) # &amp; &lt; &quot; &#x27; &gt;
print(y) # &lt;script&gt;alert(&#x27;hack&#x27;);&lt;/script&gt;

XML

The sax library escape should execute faster.

 
""" XSS 
Prevent cross site scriting attacks
The sax library escape should execute faster
"""
from xml.sax.saxutils import escape
from xml.sax.saxutils import quoteattr

a = '< & >'
x = escape(a)

b = "a ' b"
y = quoteattr(b)

assert x == '&lt; &amp; &gt;'
assert y == '"a \' b"'

print('pass')

➥ Questions

Last update: 124 days ago

➟

Strings, Encrypt

minte9 learningjourney

Python Strings Security

Escape

XML

minte9
learningjourney