Data Sanitization

  • Hey JSReport Team,

    Just wondering if there is any built-in sanitization that can be used for sanitizing data used for a template that might have malicious HTML or JavaScript, particularly to prevent Server-Side XSS. Or is this something we would need to be sure to implement on our own in the script or Handlebars to prevent it?


  • Handlebars escapes tags by default if you use double brackets: {{value}}
    Or you can use a custom sanitization lib of your choice. Here is an example
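
Added example, not part of the reply above and not jsreport or Handlebars code: a simplified JavaScript stand-in for the double-brace versus triple-brace behaviour the reply describes, using the same character map as Handlebars' `escapeExpression`. The helpers `render` and `findUnescaped` are hypothetical names, and the sample data is constructed.

```javascript
// Simplified stand-in for Handlebars output escaping (not the library itself).
// The map mirrors the characters Handlebars.Utils.escapeExpression replaces.
const ESCAPE_MAP = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;',
  '"': '&quot;', "'": '&#x27;', '`': '&#x60;', '=': '&#x3D;',
};

function escapeExpression(value) {
  if (value === null || value === undefined) return '';
  return String(value).replace(/[&<>"'`=]/g, (ch) => ESCAPE_MAP[ch]);
}

// Hypothetical mini-renderer: {{{name}}} inserts the value raw,
// {{name}} inserts it HTML-escaped, as Handlebars does by default.
function render(template, data) {
  const pattern = /\{\{\{\s*(\w+)\s*\}\}\}|\{\{\s*(\w+)\s*\}\}/g;
  return template.replace(pattern, (match, rawKey, escapedKey) => {
    if (rawKey !== undefined) {
      const raw = data[rawKey];
      return raw === null || raw === undefined ? '' : String(raw);
    }
    return escapeExpression(data[escapedKey]);
  });
}

// Hypothetical template audit: list every variable written with triple
// braces, i.e. every place where untrusted data would reach the report raw.
function findUnescaped(template) {
  const names = [];
  for (const m of template.matchAll(/\{\{\{\s*([\w.]+)\s*\}\}\}/g)) {
    names.push(m[1]);
  }
  return names;
}

// Constructed sample input: a data field that carries markup.
const sampleData = { name: '<script>alert(1)</script>' };

console.log(render('<td>{{name}}</td>', sampleData));   // markup shown as text
console.log(render('<td>{{{name}}}</td>', sampleData)); // markup reaches the page
console.log(findUnescaped('<p>{{title}} {{{body}}} {{{ footer }}}</p>'));
```

Fields that must stay in triple braces because they carry intended HTML are the ones to pass through the sanitization library first.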
