Add XSS example of insecure URL in database

In React it's not secure to use untrusted input in the `href` attribute of anchor elements ([explanation](https://www.invicti.com/blog/web-security/cross-site-scripting-react-web-applications/#:~:text=in%20a%20minute.-,The%20Props%20Attribute,-This%20attribute%20is), [CodeSandbox](https://codesandbox.io/s/react-href-attribute-xss-5hz34n?file=/src/App.tsx), [official docs showing deprecation](https://reactjs.org/blog/2019/08/08/react-v16.9.0.html#deprecating-javascript-urls))

Create an additional example showing a new `blog_posts.url` field.

This could also be additionally connected with allowing users to create new `blog_posts` records via:

- https://github.com/upleveled/security-vulnerability-examples-next-js-postgres/issues/5

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add XSS example of insecure URL in database #28

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Add XSS example of insecure URL in database #28

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions