I am using summernote WYSIWYG editor on textarea. And found that it uses HTML tags.
<textarea name="body" id="editor"
value="" rows="10" required></textarea>
How to protect that from XSS attacks? I store it as plain text, and outputting in {!! $body!!} any suggestions how to prevent XSS? Is it possible to filter vulnerable input in textarea?
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire