How to Safely Sanitize Cross Scripting Vulnerabilities #19974
SudhaPrasannaTr
started this conversation in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
fileInput.hidden = true;
fileInput.type = "file";
fileInput.value = null;
document.body.append (fileInput);
fileInput.addEventListener("change", function (evt)
The append is giving Snyc issue which causes cross site scripting vulnerabilities if fileInput contains any unsafe data
To fix we can sanitize the code by adding DOM purifier with plugin by using our own client-side validation.
Or is there any update or built in sanitizations releases are available in future releases.
Path:
C:\development\dev\reuters_imagen_imagenweb\application\source\js\js-plugins\pdfjs\web\viewer.mjs
Beta Was this translation helpful? Give feedback.
All reactions