Jul 20, 2023

Perl extension to avoid XSS with JavaScript value interpolation

There are a lot of XSS, a security hole typically found in web applications, caused by incorrect or lack of JavaScript escaping. This module is aimed to provide a secure JavaScript escaping to avoid XSS with JavaScript values.

The escaping routine JavaScriptValueEscape provides escapes q!”!, q!’!, q!&!, q!=!, q!-!, q!+!, q!;!, q!<!, q!>!, q!/!, q!! and control characters to JavaScript unicode entities like “\u0026”.

Checkout these related ports:
  • Zig - Language designed for robustness, optimality, and maintainability
  • Zephir - Zephir is a transpiled language used for creating C-extensions for PHP
  • Ypsilon - Scheme implementation for real-time applications
  • Yorick - Interpreted language for scientific simulations
  • Yap - High-performance Prolog compiler
  • Yap-devel - High-performance Prolog compiler
  • Yabasic - Yet another Basic for Unix and Windows
  • Voc - Vishap Oberon Compiler for Oberon-2
  • Vala - Programming language and compiler that converts Vala code into C code
  • V8 - Open source JavaScript engine by Google
  • V8-beta - Open source JavaScript engine by Google
  • V - V Programming Language
  • Urweb - Ultimate host for embedded domain-specific languages
  • Ucc - C Compiler Which Implements the ANSI C89 Standard
  • Twelf - Meta-logical framework for deductive systems