Javascript sanitize ?

A

account8226

Guest
Hello XF,

Here is my problem, I sanitize my inputs using the ->filter() method of the xenforo framework.

I fetch my vars (sanitized) from my DB, and show them on a page. But when I trigger on event with Javascript onto these text, if one of them got the "<script>alert("XSS");</script>" text (as an example of course) it's poping up the alert !

What I've done wrong ? How to sanitazie my javascript text.

Regards.
 

James

Well-known member
It would help if you posted code snippets of both your storing the data and fetching the data.
 
Top