You are tasked with creating a user dashboard using EJS where user-specific data needs to be displayed. How would you securely pass user data from the server to the EJS template and ensure that it is correctly escaped to prevent XSS attacks?
- Use the render method with EJS and sanitize user data with a library like DOMPurify before rendering.
- Use plain JavaScript to inject user data directly into the template without any sanitization.
- Use the res.send method to send user data as JSON and then use JavaScript in the template to render it.
- Pass user data as a query parameter in the URL and retrieve it in the template with JavaScript.
To securely pass user data from the server to the EJS template and prevent XSS attacks, it's essential to use the render method with EJS and sanitize user data with a library like DOMPurify before rendering. This ensures that any potentially harmful user input is properly sanitized, reducing the risk of XSS vulnerabilities.
Loading...
Related Quiz
- How can the process object be used to handle application termination in Node.js?
- The Events module in Node.js extends the ______ class to allow the creation of event emitter instances.
- How can you implement HTTP/2 using the http module in Node.js?
- To specify a specific version of a package in the package.json file, you can use a ______ to define the exact version number.
- How can you send JSON data as a response using the http module in Node.js?