How can you prevent script injection attacks when dynamically modifying element content with user input?
- Use the innerText property to set the content.
- Use the innerHTML property to set the content.
- Use a library like jQuery to sanitize input data.
- Use textContent property to set the content.
To prevent script injection attacks, it's crucial to use the textContent property to set content dynamically. Unlike innerHTML, which parses and executes scripts, textContent treats input as plain text, reducing the risk of script injection. Using libraries may help but doesn't guarantee security. innerText has limited browser support.
Loading...
Related Quiz
- In a code review, you spot the line const arr = [10, 20, 30]; followed by arr = [40, 50, 60];. What will be the outcome when this code is executed?
- Consider a situation where you have a switch statement inside a function, and forgetting to include a break statement leads to a bug. How might this bug manifest in the function’s behavior?
- Why does 0.1 + 0.2 !== 0.3 in JavaScript?
- How can one emulate the functionality of a switch statement using objects and functions in JavaScript?
- What is the purpose of the this keyword inside a constructor function?