We use cookies to give you the best experience on our website. If you continue to browse, then you agree to our privacy policy and cookie policy. Image for the cookie policy date

Prevent grid executing any html or script after rendering


I was simulating the cross-site script (XSS) attack for the application I was building.
I am entering '<h1>Hello   World!</h1><script>alert('Cross   site scripting attack!');</script>' into DB to simulate the senario.
When I render the text above using Syncfusion's Grid Control, I get something like the following:

Can I prevent Grid control to execute any HTML or Script that's being loaded from the DB?

Thank you,


1 Reply

MS Mani Sankar Durai Syncfusion Team October 3, 2017 01:01 PM UTC

Hi Andrew, 

Thanks for contacting Syncfusion support. 

We have analyzed your query and to prevent from the XSS Attack we have already documented a documentation that can be available from the below link. 

Please let us know if you need further assistance. 

Manisankar Durai. 

Live Chat Icon For mobile
Up arrow icon