[Owasp-leaders] From a security point of view: Angular or React?

Jim Manico jim.manico at owasp.org
Sun Jun 28 20:37:04 UTC 2015


Almost every "sink" in JQuery is dangerous. 

The safe ones include:

http://api.jquery.com/text/
and
http://api.jquery.com/val/

Aloha,
--
Jim Manico
Global Board Member
OWASP Foundation
https://www.owasp.org
Join me at AppSecUSA 2015!

> On Jun 28, 2015, at 8:47 AM, Tim <tim.morgan at owasp.org> wrote:
> 
> 
>> On Sun, Jun 28, 2015 at 10:29:56AM -0400, johanna curiel curiel wrote:
>> Dinis
>> What about Jquery? Many people still using it today, I know a banking app
>> using it.
> 
> I get the impression that jQuery has a lot of sinks that would trip up
> the typical UI developer:
>  https://code.google.com/p/domxsswiki/wiki/jQuery
> 
> tim
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20150628/41d742de/attachment.html>


More information about the OWASP-Leaders mailing list