Qiimiia
Reputation: 607
XSS Risks in XML Transfer With HTTPS
I have been checking lots of recourses but still have problems finding my answer, so I will ask it directly: I have a situation in my website where
- I make an API call and in response I get HTML document
- Then I add some data to this HTML document, create an XML from it and send the XML with API (I do not show these files anywhere e.g. in the DOM, nor use it in any other ways on the client-side)
What are the risks of XSS attacks in this process? Do I need to do encode/decode or sanitization or both? Should I do it for the HTML response or the created XML? Should this be done on client-side or server-side?
Upvotes: 0
Views: 57
Answers (0)
Related Questions
- Using async/await with a forEach loop
- Get the current URL with JavaScript?
- How to format a number with commas as thousands separators?
- How do you parse and process HTML/XML in PHP?
- How can I change an element's class with JavaScript?
- Compare two dates with JavaScript
- Scroll to an element with jQuery
- Setting "checked" for a checkbox with jQuery
- How can I upload files asynchronously with jQuery?
- What does <![CDATA[]]> in XML mean?