We use cookies to give you the best experience on our website. If you continue to browse, then you agree to our privacy policy and cookie policy. (Last updated on: November 16, 2018).
Unfortunately, activation email could not send to your email. Please try again.
Syncfusion Feedback

Prevent grid executing any html or script after rendering

Thread ID:

Created:

Updated:

Platform:

Replies:

132984 Oct 2,2017 08:47 PM UTC Oct 3,2017 01:01 PM UTC ASP.NET MVC 1
loading
Tags: Grid
Andrew Jang
Asked On October 2, 2017 08:47 PM UTC

Hello,

I was simulating the cross-site script (XSS) attack for the application I was building.
I am entering '<h1>Hello   World!</h1><script>alert('Cross   site scripting attack!');</script>' into DB to simulate the senario.
When I render the text above using Syncfusion's Grid Control, I get something like the following:



Can I prevent Grid control to execute any HTML or Script that's being loaded from the DB?

Thank you,

AJ

Mani Sankar Durai [Syncfusion]
Replied On October 3, 2017 01:01 PM UTC

Hi Andrew, 

Thanks for contacting Syncfusion support. 

We have analyzed your query and to prevent from the XSS Attack we have already documented a documentation that can be available from the below link. 

Please let us know if you need further assistance. 

Regards, 
Manisankar Durai. 





CONFIRMATION

This post will be permanently deleted. Are you sure you want to continue?

Sorry, An error occured while processing your request. Please try again later.

Warning Icon You are using an outdated version of Internet Explorer that may not display all features of this and other websites. Upgrade to Internet Explorer 8 or newer for a better experience.Close Icon

;