TransWikia.com

Can input value escape a JSON object?

Information Security Asked on November 16, 2021

I am passing value from input filled directly into a script function inside a JSON object. I was thinking, is it possible that this input can escape this object and can lead to XSS or something.

<script>
...
function doSomething(item) {
data = {'content':item}
}
...
</script>

<input id="search" type="text" value="" oninput="doSomething(this.value)"/>

Add your own answers!

Ask a Question

Get help from others!

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP