[Javascript] at the end javascript to prevent XSS attacks

Others 2019-09-10 17:53:50 views: null

[Javascript] at the end javascript to prevent XSS attacks


In any objects have been scanned risk of XSS, substituting similar to the following syntax to remove the malicious string:
the situation here is a.text will receive any text on a Web page input from the user, for fear a.text there will be a malicious javascript

a.text = a.text.replace(/&/g, '&').replace(//g, '>').replace(/"/g, '"').replace(/'/g, ''').replace(///g, '/');




Reference data:
XSS Prevention and .innerHTML
https://stackoverflow.com/questions/30661497/xss-prevention-and-innerhtml/30707806#30707806

Original: Large column  [Javascript] to prevent XSS attacks end javascript


Guess you like

Origin www.cnblogs.com/chinatrump/p/11496442.html
Recommended
Ranking
Empire cms smart tag calls four first-level recommended articles, starting from the fourth article
Linux environment installation and configuration Elasticsearch7.17
Big Data processing architecture and Lambda Kappa architecture
Explore the top of the AI large model platform - Wenxin Qianfan
Beijing car PK10 lucky airship Guanya size and value of the odd and even tips
W3B x Sui Hacker House|In-depth understanding of Sui and Move language
Know almost Ko Chan: Chinese what any decent open source software products? (Finishing from my original answer)
Comprehensively improve AD domain security authentication | Zhuyun IDaaS
Android Update Engine Analysis (24) What happened when making the downgrade package?
Spark Architecture and Operating Mechanism (1) - System Architecture
Daily
More
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)

Code World

© 2018 codetd.com