OAuth community,
XSS is a problematic risk in all web applications. It’s easy to introduce into
apps, hard to find, and one variant is dramatically growing - DOM XSS.
If you care about this risk; please give this a read from one of the worlds
best on this topic and a potential solution (at least for DOM XSS) that will
arrive in the near future.
https://developers.google.com/web/updates/2019/02/trusted-types
--
Jim Manico
@Manicode
Secure Coding Education
+1 (808) 652-3805
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
