Securely display hyperlinks in untrusted text

As part of the project, I accept text from the user through a web form and display it on a web page. The text they provide may contain URLs, so I would like to make it a hyperlink to improve the experience. For example, a user can send text containing http://www.google.com, and I want to convert it to <a href="http://www.google.com">...

I am wondering what security issues I should know about this. I have already taken steps to avoid any simple XSS injections, because my XML library will avoid any special characters, but I assume there are more complex attacks.

+5
2 answers

javascript: , , http: protocol, , . Steam, Skype AOL Messenger .

+1

URL- a, , , URL- ( ), , (, JavaScript ..).

, - javascript: URL-. .

0
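
An added example (not part of the question or of either answer): one way to do the conversion the question describes, in Python, linking only `http`/`https` URLs and escaping everything else so that `javascript:` and similar schemes stay plain text. The function names, the scheme allowlist and the `rel` value are assumptions chosen for this illustration.

```python
import html
import re
from urllib.parse import urlsplit

# Assumption for this example: only these schemes ever become links.
ALLOWED_SCHEMES = {"http", "https"}

# Broad on purpose: any "scheme:rest" token is a candidate, so javascript:,
# data:, vbscript: etc. are seen and rejected by the allowlist below.
CANDIDATE = re.compile(r"\b[a-zA-Z][a-zA-Z0-9+.-]*:[^\s<>\"']+")
TRAILING_PUNCT = ".,;:!?)"


def is_safe_url(candidate: str) -> bool:
    """Allow only absolute http(s) URLs that name a host."""
    try:
        parts = urlsplit(candidate)
    except ValueError:  # e.g. malformed IPv6 literal
        return False
    return parts.scheme.lower() in ALLOWED_SCHEMES and bool(parts.netloc)


def linkify(text: str) -> str:
    """Return HTML for untrusted text: everything escaped, safe URLs linked."""
    out, pos = [], 0
    for match in CANDIDATE.finditer(text):
        token = match.group(0)
        url = token.rstrip(TRAILING_PUNCT)  # keep sentence punctuation out
        out.append(html.escape(text[pos:match.start()]))
        if is_safe_url(url):
            safe = html.escape(url)  # escapes & and quotes for the attribute
            # Link text equals the href, so the reader sees the destination.
            out.append(f'<a href="{safe}" rel="nofollow noopener">{safe}</a>')
        else:
            out.append(html.escape(url))  # rejected scheme stays plain text
        out.append(html.escape(token[len(url):]))
        pos = match.end()
    out.append(html.escape(text[pos:]))
    return "".join(out)


# Constructed sample input.
if __name__ == "__main__":
    print(linkify('Try http://www.google.com, not javascript:alert(1) <b>'))
```

The scheme check runs on the parsed URL rather than on a string prefix, so mixed-case variants such as `JaVaScRiPt:` are rejected as well.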
