Data Sanitization



  • Hey JSReport Team,

    Just wondering if there is any built-in sanitization that can be used for sanitizing data used for a template that might have malicious HTML or JavaScript, particularly to prevent Server-Side XSS. Or is this something we would need to be sure to implement on our own in the script or handlebars to prevent it?

    Thanks



  • Handlebars escapes tags by default if you use double brackets: {{value}}
    Or you can use a custom sanitization lib of your choice. Here is an example:

    https://playground.jsreport.net/w/anon/szkGoMzc
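
The difference between double and triple brackets mentioned in the reply above, as an added example that is not part of the original thread or jsreport's own code. It is a stand-alone sketch: the escape map follows Handlebars' HTML escaping, while `render()` and the sample data are hypothetical and only handle flat `{{name}}` / `{{{name}}}` lookups.

```javascript
// Added example: stand-alone sketch, not Handlebars itself.
// Characters Handlebars HTML-escapes for {{value}} output.
const ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;',
  '"': '&quot;', "'": '&#x27;', '`': '&#x60;', '=': '&#x3D;',
};

function escapeExpression(value) {
  if (value === null || value === undefined) return '';
  return String(value).replace(/[&<>"'`=]/g, (ch) => ESCAPES[ch]);
}

// Hypothetical mini-renderer: {{{name}}} inserts the value as-is,
// {{name}} inserts it HTML-escaped.
function render(template, data) {
  // The triple-brace alternative comes first so {{{x}}} is not
  // matched as {{x}} wrapped in stray braces.
  const pattern = /\{\{\{\s*(\w+)\s*\}\}\}|\{\{\s*(\w+)\s*\}\}/g;
  return template.replace(pattern, (_, raw, escaped) =>
    raw !== undefined
      ? String(data[raw] ?? '')
      : escapeExpression(data[escaped]));
}

// Constructed sample data, as it might arrive in a report request.
const data = {
  customer: '<script>alert(1)</script>',
  note: 'Tom & "Jerry"',
};

function demo() {
  return {
    // Markup in the value becomes inert text.
    escaped: render('<td>{{customer}}</td>', data),
    // Markup in the value reaches the rendered document unchanged.
    raw: render('<td>{{{customer}}}</td>', data),
    // Quotes are escaped, so the value cannot close the attribute.
    attr: render('<td title="{{note}}">x</td>', data),
  };
}

console.log(demo());
```

HTML escaping of this kind covers element content and quoted attribute values. Data placed inside a `<script>` block or a URL attribute such as `href` needs handling specific to that context.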

