no-inner-html.md

Pattern: Insecure write of HTML

Issue: -

Description

Do not write values to innerHTML or outerHTML, and do not set HTML using the jQuery html() function. Writing values to innerHTML can expose your website to XSS injection attacks. All strings must be escaped before being rendered to the page.
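The pattern this rule flags, next to two alternatives, as an added example that is not part of the original rule documentation. The function names, the `comment` class and the sample string are assumptions made for illustration.

```javascript
// Added example; all names below are hypothetical.

// The five characters that matter in HTML text and quoted attribute values.
const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#39;',
};

// Escape a value so the browser renders it as text, never as markup.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Flagged by the rule: the untrusted value is parsed as HTML.
// The jQuery equivalent is $(el).html(comment).
function renderCommentUnsafe(el, comment) {
  el.innerHTML = '<p class="comment">' + comment + '</p>';
}

// Preferred: no HTML parsing happens, so there is nothing to escape.
// The jQuery equivalent is $(el).text(comment).
function renderCommentText(el, comment) {
  el.textContent = comment;
}

// When markup has to be assembled as a string (for example in a template
// helper), every interpolated value goes through escapeHtml first.
function commentMarkup(comment) {
  return '<p class="comment">' + escapeHtml(comment) + '</p>';
}

// Constructed sample input: a string that would create an element with an
// event handler if it were parsed as HTML.
const SAMPLE_COMMENT = '<img src=x onerror="alert(1)">';

// Escaped form: the angle brackets and quotes become entities.
const SAMPLE_MARKUP = commentMarkup(SAMPLE_COMMENT);
```

Escaping of this kind covers element content and quoted attribute values only; values placed into URLs, inline scripts or style blocks need context-specific encoding.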

Further Reading