logo
down
shadow

Should I Html Encode the Html input from user?


Should I Html Encode the Html input from user?

By : edu_arg
Date : November 22 2020, 10:31 AM
To fix the issue you can do If the user input is HTML, and you encode it before saving it, then when you display it, you should decode it.
The reason the recommendation exists to encode before displaying is if the user input is expected to be text, it is recommended to encode for general display purposes (so that an ampersand actually displays as &) and also to prevent potentially malicious input from being rendered on the page and interpreted by the browser (e.g.
shadow
Privacy Policy - Terms - Contact Us © ourworld-yourmove.org