Hi, I'm gonna be using Django Rest Framework for an API with a Postgres stack and not developing a website. Coding apps in Swift and Androidx Java. Users can POST rich text, or text that uses HTML, to the server, and then other users can GET that HTML and view it in (ui)TextView.
Based on previous experience, it seemed like Android's TextView wouldn't have any trouble with XSS or the like. Not sure about Swift, so can someone tell me if I should worry on the iOS side?
Last thing. Because this is just an API, how does DRF protect my server against some malicious JSON POST request? A request that isn't sent from the designated app or is hand-crafted. If DRF doesn't somehow serialize correctly, then there would be some server issues, right? Gah worrying.
TL;DR. Programming mobile with DRF. Should I worry about Rich Text (HTML Editing) on client and/or server side?