Created December 3, 2014 10:32
Clean user input in Client-Side JS
/*
  Depends on jQuery. The input is set as the text of a detached div, so the browser treats it as
  plain text rather than markup. Reading the div back as HTML returns it with &, < and > encoded,
  which makes it safe to insert as element content (quotes are not encoded, so not as an attribute value).
  Taken from Socket.io's chat demo source.
  https://github.com/Automattic/socket.io/blob/master/examples/chat/public/main.js#L148
*/
function cleanInput (input) {
  // .text(input).text() returns the input unchanged; .html() returns the entity-encoded form.
  return $('<div/>').text(input).html();
}
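The difference between the two jQuery round trips, as an added example that is not part of the gist or of Socket.io's code. It runs without jQuery or a DOM by reproducing what each round trip returns for string input; the function names and sample inputs are assumptions made for illustration.

```javascript
// Added example: DOM-free equivalents of the two jQuery round trips, plus an
// attribute-safe encoder. Function names are hypothetical, not from the gist.

// $('<div/>').text(s).text(): reading textContent back returns the string
// unchanged (assumes string input).
function textRoundTrip(input) {
  return String(input);
}

// $('<div/>').text(s).html(): innerHTML serialization of a text node escapes
// only &, < and > (and U+00A0); quotes are left as they are.
function encodeForElementContent(input) {
  return String(input)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/\u00a0/g, '&nbsp;');
}

// For values placed inside a quoted attribute, quotes must be encoded as well.
function encodeForAttribute(input) {
  return encodeForElementContent(input)
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Constructed sample inputs (not from the page).
const samples = [
  'hello <b>world</b>',
  'Tom & "Jerry"',
  '<img src=x onerror=alert(1)>',
];

// One row per sample: the raw string and what each function returns for it.
function report() {
  return samples.map((s) => ({
    raw: s,
    textRoundTrip: textRoundTrip(s),
    elementContent: encodeForElementContent(s),
    attribute: encodeForAttribute(s),
  }));
}

console.table(report());
```

Output that is written with `.text()` or `textContent` at the point of display needs no encoding at all; the encoders matter only where a string is concatenated into markup.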