Tag: xss


Parameters taken from the URL should always be sanitized before they are used in your JavaScript. Using jQuery you can easily do: var safeString = $("<span></span>").text(unsafeString).html(); Using plain JavaScript: var entityMap = { "&": "&amp;", "<": "&lt;", ">": "&gt;",
