Comments by "Gilad Barlev" (@GSBarlev) on "Lemmy Suffers Massive Cross Site Scripting Attack" video.

  1. I'd go a step further: unless you're a security dev, you shouldn't be writing parsers for user inputs, you should be installing a battle-hardened library to do it for you. Many languages even have this sort of stuff built-in, like Python's os.getpass() and urllib.parse(). Because (again, unless you do this for a living) there is an approximately 0⃣% chance that your code is going to do a better job at protecting you from attacks you haven't even thought of than something that hackers of all hats are devoting their careers to trying to exploit.
    12