I'm attempting to write a chat server and I've come across the issue that if someone puts markup in their messages e.g. <strong>blah</strong> then the message will send with bold text. Someone could take it further by putting scripts in their message. I'm not sure how I can avoid this.
Asked
Active
Viewed 51 times
0
uniqueusername
- 440
- 1
- 5
- 9
-
2Possible duplicate of [How to prevent Javascript injection attacks within user-generated HTML](https://stackoverflow.com/questions/942011/how-to-prevent-javascript-injection-attacks-within-user-generated-html) – Li Hang Oct 02 '17 at 03:01
1 Answers
0
You need to filter your input to take out unwanted tags. There really isn"t much else to it.
indigo
- 84
- 6