摘要:
Automatic HTML Escaping-----------> user-submitted data shouldn't be trusted blindly and inserted directly into your Webpage, because a malicious user could use thin kind of hole to do potentially bad things, This type of security exploit is called a Cross site scipting(XSS) attack. Consider 阅读全文
