0
0
Flaskframework~20 mins

Input sanitization in Flask - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Challenge - 5 Problems
🎖️
Input Sanitization Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
component_behavior
intermediate
2:00remaining
What is the output when submitting unsafe input?
Consider a Flask route that takes user input from a form and returns it directly without sanitization. What will be the rendered output if the input is ?
Flask
from flask import Flask, request
app = Flask(__name__)

@app.route('/echo', methods=['POST'])
def echo():
    user_input = request.form.get('data')
    return f"<p>{user_input}</p>"
AThe page will display the text <script>alert('XSS')</script> as plain text.
BFlask will automatically sanitize and remove the script tags, showing an empty paragraph.
CThe browser will execute the alert('XSS') script, showing a popup.
DThe server will raise a ValueError due to unsafe input.
Attempts:
2 left
💡 Hint
Think about how Flask handles string interpolation and what the browser does with HTML tags.