We use cookies to give you the best experience on our website. If you continue to browse, then you agree to our privacy policy and cookie policy. Image for the cookie policy date

Prevent XSS Attack in Rich Text

Hi

Having had recent security penetration tests conducted, it become apparent that when we saved the Rich Text control's html we open up our system to a cross site scripting attack. 

When we try to validate the html using a xss technique it always comes back as indicating that the Html is not valid.

I'm wondering if you have any experience to share as to how we best handle the Html data being posted via Ajax to our server without allowing for any xss attacks?

Thanks

1 Reply

PO Prince Oliver Syncfusion Team March 27, 2019 03:36 AM

Hello Damien, 

Greetings from Syncfusion support. 

Our controls do not have a built-in support for XSS protection, hence it is recommended that use HTML Sanitizer to check the requests. For further details regarding this, please check our UG documentation related to XSS Security. 


Let us know if you need any further assistance on this. 

Regards, 
Prince 


Loader.
Live Chat Icon For mobile
Up arrow icon