0

How to prevent stored HTML injection

Consider we have one input box. If I give the input as <h1> coder</h1>, then it shows as it is... But here it should show like coder alone... How can we resolve this?

13th Sep 2021, 1:37 PM
Mani Megalai
1 answer
+ 1
Check the following example:

    let i = "<h1>Hello</h1>;<p>bye</p>";
    // matchAll returns an iterator of matches; group 1 is the text between two tags
    const val = i.matchAll(/<.*?>(.*?)<.*?>/g);
    for (const j of val) {
      console.log(j[1]);
    }

If the input is something like i, then it will output only the values between those tags (hopefully!). The expression between /.../ is a regex. () captures the value between tags.
13th Sep 2021, 1:53 PM
Abhay
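The regex in the answer above only yields text that sits between a well-formed, non-nested pair of tags, so for stored HTML injection the value should also be HTML-encoded at the point where it is written into the page. The following is an added example, not code from the thread: the function names are hypothetical and the sample inputs are constructed. It compares both approaches under Node.js.

```javascript
// Added example (not from the thread). Function names are hypothetical.

// Output encoding: make every character that HTML treats as markup inert.
// "&" is replaced first so the entities produced below are not re-encoded.
function escapeHtml(text) {
  return String(text)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// "Show coder alone": drop anything shaped like a tag, then still encode
// what is left, because tag stripping by regex is not a security boundary.
function toDisplayText(input) {
  const withoutTags = String(input).replace(/<[^>]*>/g, "");
  return escapeHtml(withoutTags.trim());
}

// The regex approach from the answer above, wrapped for comparison.
function betweenTags(input) {
  return [...String(input).matchAll(/<.*?>(.*?)<.*?>/g)].map((m) => m[1]);
}

// Constructed sample inputs: a tag pair, nested tags, an unclosed tag,
// and plain text that merely contains "<" and "&".
const samples = [
  "<h1> coder</h1>",
  "<b>bold <i>nested</i></b>",
  "<h1>coder",
  "a < b & c",
];

for (const s of samples) {
  console.log(JSON.stringify(s), "->", betweenTags(s), "|", toDisplayText(s));
}
```

With nested or unclosed tags the regex loses text or returns nothing, while the encoded value is safe to place in an HTML text node whatever the input looked like.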