6:[["$","$Le",null,{}],["$","div",null,{"className":"min-h-screen bg-gray-100 p-6","children":[["$","$Lf",null,{}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"QAPage\",\"mainEntity\":{\"@type\":\"Question\",\"name\":\"Approach XSS prevention on Html page using javascript\",\"text\":\"

How to escape textbox contents of form using javascript(not jsp page) to avoid xss.It must be redered properly on page while submitting form.

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"Ram\"},\"upvoteCount\":0,\"answerCount\":2,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"

Insert the text into the document using document.appendChild, document.createTextNode and friends instead of a property (such as innerHTML) that accepts raw HTML.

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"Quentin\"},\"upvoteCount\":2}}}"}}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mb-6 relative","children":[["$","div",null,{"className":"absolute top-4 right-4 flex flex-wrap space-x-2","children":[["$","span","javascript",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/javascript/1","children":"javascript"}]}],["$","span","html",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/html/1","children":"html"}]}],["$","span","xss",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/xss/1","children":"xss"}]}]]}],["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/034e70f60e8f55d4a842c22d97b5df7e?s=256&d=identicon&r=PG","alt":"Ram","className":"w-16 h-16 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/880761/ram","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Ram"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",15]}]]}]]}],["$","h1",null,{"className":"text-2xl font-bold text-gray-800 mb-4","children":"Approach XSS prevention on Html page using javascript"}],["$","p",null,{"className":"text-gray-700 mt-4","dangerouslySetInnerHTML":{"__html":"

How to escape textbox contents of form using javascript(not jsp page) to avoid xss.It must be redered properly on page while submitting form.

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm mt-4","children":[["$","p",null,{"children":["Upvotes: ",0]}],["$","p",null,{"children":["Views: ",190]}]]}]]}],["$","div",null,{"className":"container mx-auto","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-6","children":["Answers (",2,")"]}],[["$","div","6958993",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://i.sstatic.net/SzDWW.jpg?s=256","alt":"Plap","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/818764/plap","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Plap"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",1056]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

\n
\"Insert the text into the document using document.appendChild,\n document.createTextNode and friends instead of a property (such as\n innerHTML) that accepts raw HTML.\"
\n

\n\n

as Quentin says, or, using an existing textbox, use the value property:

\n\n

textObject.value=\"value\"\n

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",1]}]}]]}],["$","div","6958383",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/1d2d3229ed1961d2bd81853242493247?s=256&d=identicon&r=PG","alt":"Quentin","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/19068/quentin","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Quentin"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",944216]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

Insert the text into the document using document.appendChild, document.createTextNode and friends instead of a property (such as innerHTML) that accepts raw HTML.

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",2]}]}]]}]]]}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mt-6","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-4","children":"Related Questions"}],["$","ul",null,{"className":"list-disc list-inside","children":[["$","li","50677210",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/50677210","className":"text-blue-600 hover:underline","children":"JS Prevent XSS but allow HTML URL"}]}],["$","li","46534228",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/46534228","className":"text-blue-600 hover:underline","children":".innerHTML & XSS Prevention"}]}],["$","li","34261522",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/34261522","className":"text-blue-600 hover:underline","children":"How to prevent XSS in the following code?"}]}],["$","li","37149740",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/37149740","className":"text-blue-600 hover:underline","children":"DOM based XSS protection in JS app"}]}],["$","li","2781574",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/2781574","className":"text-blue-600 hover:underline","children":"XSS attack prevention"}]}],["$","li","28111289",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/28111289","className":"text-blue-600 hover:underline","children":"Prevent XSS on client-side (Pure Javascript)"}]}],["$","li","13287677",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/13287677","className":"text-blue-600 hover:underline","children":"Preventing DOM XSS"}]}],["$","li","4344703",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/4344703","className":"text-blue-600 hover:underline","children":"XSS prevention. Handling <script is enough?"}]}],["$","li","3242732",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/3242732","className":"text-blue-600 hover:underline","children":"Javascript that prevents XSS"}]}],["$","li","1317598",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/1317598","className":"text-blue-600 hover:underline","children":"What precautions should I take to prevent XSS on user submitted HTML?"}]}]]}]]}]]}],["$","$L11",null,{}],["$","$L12",null,{}],["$","$L13",null,{}],["$","$L14",null,{}],["$","$L15",null,{}]]

Approach XSS prevention on Html page using javascript

Answers (2)

Related Questions