There's no two ways about it, Python is slow. I felt this in particular when exploring how to sanitize potentially malicious HTML content in the CTFd [https://ctfd.io/] content editor. The two options for sanitizing/processing HTML in Python both have some tradeoffs: 1. Poorly but quickly parse HTML| Kevin Chung
In this write-up, we’ll delve into how, through differential fuzzing, we uncovered a bug in Go’s exp/net HTML’s tokenizer. We’ll show potential XSS implications of this flaw. Additionally, we’ll outline how Google assessed this finding within their VRP program and guide how to engage and employ fuzzing to evaluate your software. Introduction Reminisce with me the discussion boards of 2005. Open to all, searchable from every corner, with no account needed to peek in.| mionskowski.pl
Simple Lists is a tiny to-do list web application written in Go, with old school server-side rendering and no JavaScript.| benhoyt.com