Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
0
0
0Andrey02016-08-20 13:20:49
PHP
0Andrey0, 2016-08-20 13:20:49

How to filter user input from javascript insert?

К примеру, если пользователь вводит пост/комментарий на сайте отформатированный с помощью html тегов, который сохраняется в базе "как есть" и вставляется на страницу из базы так же, то юзер может ввести javascript код и воровать данные других пользователей с этой страницы отправляя ajax запросы к себе. Как отфильтровать ввод/вывод от javascript?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
N
napa3um, 2016-08-20
@0Andrey0

Strip all tags on save except whitelisted safe tags (for example, B, I, and H).

Report
C
Chronic 86, 2016-08-20
@chronic86

Look for ready-made filters in Google, otherwise it hurts a lot of variations on how to hide tags from filters. Why reinvent the wheel.

Similar questions
N
nickostyle2014-04-22 13:05:16
Is it possible to repost from social networks to the site? 9Reply
M
Marty McFly2018-11-12 19:00:41
Where is the best place to study web design from 0 in St. Petersburg? 6Reply
M
Mikhail Potapenkov2016-06-13 18:20:30
On initial startup, the OS issues a blue screen 0x0000007B. What does it mean? 4Reply
S
Sergey Buben2016-06-16 11:37:54
How to add a second price in VirtueMart in Joomla? 3Reply
S
Steve2022-01-20 23:47:23
How to hide the real path to css? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question