I am using that block of code and being told by a code validator that this should be sanitized.

What is wrong with it and how can I sanitize it?

el1 = document.getElementById('quote'); //this is fine
el1.innerHTML = quoteNew; //this should be sanitized

asked May 16, 2017 at 23:22 by scandalous
  • 1 Where does quoteNew come from? – Ry- Commented May 16, 2017 at 23:24
  • 2 If it is supposed to be just text, then the safe way is el1.textContent = quoteNew; – Gabriele Petrioli Commented May 16, 2017 at 23:27
  • quoteNew is a string with some css added to it – scandalous Commented May 17, 2017 at 6:15
  • @GabyakaG.Petrioli: It works! Please make an answer so that I can choose your answer as best answer. – scandalous Commented May 17, 2017 at 6:21

1 Answer

If the contents of quoteNew are just text to display, then use the textContent property of the element.

 el1.textContent = quoteNew;
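
An added example, not part of the original answer: the asker says quoteNew carries styling, so this sketch keeps the styling in developer-controlled markup and treats the quote itself as text. The names escapeHtml, quoteMarkup, setQuote, the class name fancy-quote and the sample string are assumptions made for illustration.

```javascript
// Constructed sample: a "quote" that carries markup the page did not intend.
const SAMPLE_QUOTE = '<b onmouseover="track()">Stay hungry</b> & foolish';

// Characters that change meaning in HTML text or quoted attribute values.
const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;'
};

// Escape untrusted text so an HTML parser treats it as character data only.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// For code that must keep using innerHTML: the wrapper element and class name
// are fixed by the developer; only the escaped text comes from outside.
function quoteMarkup(quoteText, className) {
  if (!/^[A-Za-z][\w-]*$/.test(className)) {
    throw new Error('class name must be a developer-chosen identifier');
  }
  return '<span class="' + className + '">' + escapeHtml(quoteText) + '</span>';
}

// Preferred DOM form: the untrusted value never reaches the HTML parser.
// `doc` is the page's document object; the id 'quote' is from the question.
function setQuote(doc, quoteText, className) {
  const el1 = doc.getElementById('quote');
  const span = doc.createElement('span');
  span.className = className;    // styling comes from a CSS class
  span.textContent = quoteText;  // inserted as text, never parsed as markup
  el1.replaceChildren(span);
  return el1;
}

// Markup that is safe to assign to el1.innerHTML (hypothetical class name).
const SAFE_MARKUP = quoteMarkup(SAMPLE_QUOTE, 'fancy-quote');
```

In a browser, `setQuote(document, quoteNew, 'fancy-quote')` replaces the original `el1.innerHTML = quoteNew;` line.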


Tags: Sanitize innerHTML in javascript - Stack Overflow