0

I am trying to use view-source to find XSS vulnerability but when I view-source the HTML is unreadable.

image of view-source

On other websites, such as stackoverflow, when you view-source the code is organized and readable.

Ironically, this is my website and I don't know why this is happening. I believe it has to do with bundling. I am using React and Next.js if that has anything to do with it.

Michael S.
  • 3,050
  • 4
  • 19
  • 34
Josh Morrison
  • 1
  • 2
  • Does this answer your question: [Render formatted (unminified) HTML in React (SSR with Next.js)](https://stackoverflow.com/questions/44956379/render-formatted-unminified-html-in-react-ssr-with-next-js)? There is no built-in way to prettify the HTML response in Next.js. You'll need to resort to a [custom server](https://nextjs.org/docs/advanced-features/custom-server) and format/prettify the response yourself. – juliomalves Apr 08 '22 at 17:01
  • code minification is included in most react setups. Check your webpack configuration; there's often a separate development build that skips minification for testing; or you can generate sourcemaps which make the minified code intelligible. I'm not too familiar with next.js but https://github.com/vercel/next.js/issues/7494 looks promising – Daniel Beck Apr 08 '22 at 17:06
  • Returning minified code from the web server is a good thing! You can always use the developer tools to view the parsed HTML tree in a pretty form if you really like. – Alejandro Apr 08 '22 at 17:12
  • Yes! To clarify, I was only suggesting disabling it temporarily for debugging, or (better) using a separate unminified dev build -- as @Alejandro says, you definitely want to keep minifying your production code. – Daniel Beck Apr 08 '22 at 18:25

0 Answers0