[Javascript] at the end javascript to prevent XSS attacks
In any objects have been scanned risk of XSS, substituting similar to the following syntax to remove the malicious string:
the situation here is a.text will receive any text on a Web page input from the user, for fear a.text there will be a malicious javascript
a.text = a.text.replace(/&/g, '&').replace(//g, '>').replace(/"/g, '"').replace(/'/g, ''').replace(///g, '/');
Reference data:
XSS Prevention and .innerHTML
https://stackoverflow.com/questions/30661497/xss-prevention-and-innerhtml/30707806#30707806
Original: Large column [Javascript] to prevent XSS attacks end javascript