Use jquery encoder to solve the problem caused by XSS Script Injection, jqueryxss
Symptom: the front-end receives a data (including html) tag in the background, automatically translates the tag into html page elements, and runs the script automatically, resulting in blocking of the front-end page.
The following code contains a large number of duplicated background data:
<Script> alert ("1"); </script> <button> I am but </button>
I learned about this xss attack.
But what is xss attack?
Du Niang's explanation is a cross-site scripting attack. What I understand now is to intercept background requests and return a malicious script that can be executed on a page, paralyzing the web application interface and possibly causing greater harm, add (6.14 ).
So how can we solve alert in the script that the page always executes?
After I found out that jquery encoder provides some column APIs to specifically solve similar problems. Then, the solution becomes a learning api, this is my favorite part in solving the problem.