john chen
Reputation: 85
How prevent DOM XSS
I have function to get radio button value.
var val = $('input[name="test_'+ id +
'"]:checked').val();
but it cause DOM XSS. How do I refactor to prevent XSS?
thanks.
Upvotes: 2
Views: 577
Answers (1)
CertainPerformance
Reputation: 371193
This does not have an XSS vulnerability except in extremely ancient versions of jQuery, so it's probably not something to worry about.
Avoiding jQuery and using querySelector will work though.
const val = document.querySelector('input[name="test_'+ id + '"]:checked').value;
Upvotes: 1
Related Questions
- How to prevent Client DOM XSS vulnerability in javascript?
- jquery - how to escape html to prevent XSS?
- Prevent XSS in jQuery html()
- Avoid XSS and allow some html tags with JavaScript
- DoM XSS in jquery
- jquery xss prevention when using html()
- xss javascript protection
- Protect JQuery code against XSS
- Preventing DOM XSS
- Javascript that prevents XSS