What threatens the execution of JavaScript on the site?
The user can write HTML+JS code and run it as a separate page on the site through a special link.
What negative consequences can there be from it?
Should this functionality be allowed?
Why are you making the foreign key string?
The error means that the foreign key must still be the primary key.
It's XSS, and the consequences can be dire: stolen passwords, user identities, DDoS to other sites, etc.
If you need it on the site, then you can. There are jsfiddle, jsbin, codepen, ... They all do it. You just need to run the script in a sandbox. There are technologies with which this can be organized. But as @SilentFl said, there are always risks. Therefore, you must know exactly what you are doing and how to protect yourself. Here you need to trust professionals and do hard testing; it is better that hackers or XSS specialists do it.
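One way to organize the sandbox mentioned in the answer above, as an added example that is not part of the original thread: user pages are served only from a separate host, with a `Content-Security-Policy: sandbox` header, and embedded in a sandboxed iframe. The host name, the `/u/<id>` route and the in-memory `pages` store are assumptions made for the illustration.

```javascript
// Added example: host name, route and page store are assumptions, not from the thread.
const SANDBOX_HOST = 'usercontent.example.test'; // separate origin; the main site sets no cookies here

// Constructed sample of a user-authored page that tries to read cookies.
const pages = new Map([['p1', '<script>document.title = document.cookie</script>']]);

// Response headers for user-authored HTML+JS.
// "sandbox allow-scripts" without allow-same-origin gives the document an
// opaque origin: scripts run, but cookies, storage and same-origin requests
// of the hosting site are out of reach. default-src 'none' also blocks
// outbound fetches, images and frames from the page.
function userPageHeaders() {
  return {
    'Content-Type': 'text/html; charset=utf-8',
    'Content-Security-Policy':
      "sandbox allow-scripts; default-src 'none'; script-src 'unsafe-inline'; style-src 'unsafe-inline'",
    'X-Content-Type-Options': 'nosniff',
    'Referrer-Policy': 'no-referrer',
  };
}

// Request handler, usable as require('http').createServer(handleUserPage).
// User pages are served only on the sandbox host, never on the main site's origin.
function handleUserPage(req, res) {
  const host = String(req.headers.host || '').toLowerCase();
  const match = /^\/u\/([a-z0-9]+)$/.exec(req.url || '');
  if (host !== SANDBOX_HOST || !match || !pages.has(match[1])) {
    res.writeHead(404, { 'Content-Type': 'text/plain; charset=utf-8' });
    res.end('not found');
    return;
  }
  res.writeHead(200, userPageHeaders());
  res.end(pages.get(match[1]));
}

// Markup the main site uses to show a user page: the iframe carries its own
// sandbox attribute, so the embed is restricted independently of the header.
function embedMarkup(pageId) {
  if (!/^[a-z0-9]+$/.test(pageId)) throw new Error('invalid page id');
  return `<iframe sandbox="allow-scripts" referrerpolicy="no-referrer" ` +
    `src="https://${SANDBOX_HOST}/u/${pageId}"></iframe>`;
}
```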