akshat
Reputation: 15922
Is there a javascript library which can be used to filter out strings for XSS attacks?
Is there a Javascript equivalent of libraries like HTMLPurifier, which remove XSS code from strings?
Upvotes: 3
Views: 874
Answers (2)
bdonlan
Reputation: 231223
Generally speaking, by the time Javascript code is running, it's too late to protect yourself against an XSS attack. You need to protect against it at the server, not the client.
Upvotes: 7
Related Questions
- JavaScript simple profanity filter
- Blacklist/whitelist for XSS
- XSS Blacklist - Is anyone aware of a reasonable one?
- Javascript implementation of anti-XSS escaping functions
- Anybody know a solid library/function in Javascript to clean user input
- system for censoring banned words
- Filtering JavaScript out of HTML
- Is it possible to sanitize Javascript code?
- Javascript that prevents XSS
- Is there a good Javascript based HTML parsing library available?