If the data obtained from the model contains HTML elements, these are escaped before being inserted into the HTML template. The escaping means that the HTML is displayed as text, and not as HTML. This is done to prevent . . . .
A)SQL injection attacks
B)JS injection attacks
C)HTML injection attacks
D)Python injection attacks

Question

Quizplus · Accepted Answer

Escaping HTML elements before inserting them into an HTML template is a security measure to prevent HTML injection attacks. This ensures that any HTML code provided by the user is displayed as plain text, rather than being rendered by the browser, which could lead to Cross-Site Scripting (XSS) vulnerabilities.

If the Data Obtained from the Model Contains HTML Elements