1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Javascript sanitize ?

Discussion in 'XenForo Development Discussions' started by account8226, Mar 11, 2013.

  1. account8226

    account8226 Guest

    Hello XF,

    Here is my problem, I sanitize my inputs using the ->filter() method of the xenforo framework.

    I fetch my vars (sanitized) from my DB, and show them on a page. But when I trigger on event with Javascript onto these text, if one of them got the "<script>alert("XSS");</script>" text (as an example of course) it's poping up the alert !

    What I've done wrong ? How to sanitazie my javascript text.

  2. James

    James Well-Known Member

    It would help if you posted code snippets of both your storing the data and fetching the data.

Share This Page