DEVHIDE
Login Or Sign up

How to make jQuery secure from XSS?

389 Views Asked by At

I have a website that uses jquery and bootstrap.

Now when i run it through a scanning application, a bunch of issues show up including the use of append(), html() and write() and pointing to XSS attacks. These issues are found in bootstrap and jquery files (bootstrap.js).

After a search through stackoverflow i found secure alternatives to these jquery functions but unfortunately these alternatives break my application.

Is there any way for me to resolve the security issues without changing the underlying bootstrap code?

or is it somehow safe as there is no external input to the site and all the files come from a trusted source?

javascript jquery html xss bluemix-app-scan
Original Q&A
2

There are 2 best solutions below

3
On

or is it somehow safe as there is no external input to the site and all the files come from a trusted source?

Yes (assuming your trust in the source is not misplaced).

0
On

Use the .text() function for unsafe inputs:

var input = $("'/><script>alert('I am an attacker!')</script>").text();

Related Questions in JAVASCRIPT

Related Questions in JQUERY

Related Questions in HTML

Related Questions in XSS

Related Questions in BLUEMIX-APP-SCAN

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.