I have a website where any user can enter an url to an other website/domain. Is this considered a threat (in XSS)? (since users can enter malicious urls to scripts/sites/...)
Is it possible to prevent this?
Asked
Active
Viewed 19 times
0
-
Are you presenting those URLs as clickable links in your application? – Robby Cornelissen Aug 22 '19 at 06:58
-
Yes, they are clickable for users – RubenHerman Aug 22 '19 at 07:18
-
Take a look at [this](https://stackoverflow.com/questions/205923/best-way-to-handle-security-and-avoid-xss-with-user-entered-urls). – Robby Cornelissen Aug 22 '19 at 07:20