scandalous

Reputation: 912

Sanitize innerHTML in javascript

I am using that block of code and being told by a code validator that this should be sanitized.

What is wrong with it and how can I sanitize it?

    el1 = document.getElementById('quote'); //this is fine
    el1.innerHTML = quoteNew; //this should be sanitized

Upvotes: 2

Views: 4926

Answers (1)

Gabriele Petrioli

Reputation: 196306

If the contents of quoteNew are just text to display, then use the textContent property of the element.

    el1.textContent = quoteNew;

Upvotes: 5
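As an added example (not part of the question or the answer above): the `textContent` assignment wrapped in a helper, next to the escaping needed when the quote has to sit inside markup you write yourself and `innerHTML` cannot be avoided. The helper names, the `author` parameter and the sample quote are assumptions made for illustration.

```javascript
// Constructed sample: a "quote" that happens to contain markup and metacharacters.
const SAMPLE_QUOTE = `<b onclick="track()">5 > 3 & it's true</b>`;

// Characters that can change HTML parsing in element content or quoted attributes.
const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#39;',
};

// Encode untrusted text so the HTML parser treats it as character data.
// A single replace pass means '&' inside produced entities is never re-escaped.
function escapeHtml(value) {
  const text = value == null ? '' : String(value);
  return text.replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Case 1 (the answer's approach): the value is only text to display.
// textContent never invokes the HTML parser, so no escaping is needed.
function setQuoteText(el, quoteNew) {
  el.textContent = quoteNew;
}

// Case 2: the quote is embedded in a fixed template. Only the template
// is trusted markup; every interpolated value is escaped first.
function quoteMarkup(quoteNew, author) {
  return `<blockquote>${escapeHtml(quoteNew)}</blockquote>` +
         `<cite>${escapeHtml(author)}</cite>`;
}

function setQuoteMarkup(el, quoteNew, author) {
  el.innerHTML = quoteMarkup(quoteNew, author);
}

// Browser usage (assumes an element with id "quote", as in the question):
//   setQuoteText(document.getElementById('quote'), quoteNew);
```

With either helper the sample quote is displayed literally, tags included, instead of being parsed into a `<b>` element with a click handler.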
