
html dangerous tags to avoid while developing a chat application

Tags: html, tags

I am developing a chat application using PHP and jQuery... all messages sent by the chat pair are appended to a <div>. While doing this, I found that tags such as <script> can be entered by users. What tags should I avoid while appending the user's message?

sajith asked Sep 17 '25 12:09


1 Answer

Avoid tags that will inject content into the page:

  • applet
  • script
  • style
  • link
  • iframe

Other tags may be necessary to remove, as well. Maybe you don't want to embed images. These are things that you will need to determine. At the bare minimum, allow <p> and <br />.

mgw854 answered Sep 20 '25 03:09
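
The answer's closing advice (allow <p> and <br /> at minimum) can be applied as an allowlist: escape the whole message, then restore only those two tags when they carry no attributes. This is an added example, not part of the original answer; `renderChatMessage`, the `#chat` id and the sample messages are assumptions made for illustration.

```javascript
// Added example (not from the original answer). renderChatMessage and the
// sample messages are constructed for illustration.
const ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Neutralise every character that can start markup or close an attribute.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => ESCAPES[ch]);
}

// Escaped forms of attribute-free <p>, </p>, <br>, <br/> and <br />.
// A tag carrying any attribute does not match, so it stays escaped.
const ALLOWED = /&lt;(\/?)(p|br)\s*(\/?)&gt;/gi;

function renderChatMessage(raw) {
  return escapeHtml(raw).replace(ALLOWED, (match, close, tag, selfClose) => {
    if (tag.toLowerCase() === 'br') {
      return close ? match : '<br />';      // "</br>" is not restored
    }
    if (selfClose) return match;            // "<p/>" is not restored
    return close ? '</p>' : '<p>';
  });
}

// Constructed sample messages.
const SAMPLES = [
  '<p>hello<br>world</p>',
  '<script>alert(1)</script>',
  '<iframe src="https://example.com"></iframe>',
  '<p onclick="x()">hi</p>',
  'a < b && c > d',
];

function renderSamples() {
  return SAMPLES.map(renderChatMessage);
}

// In the page, the returned string is what gets appended, e.g. with jQuery:
//   $('#chat').append(renderChatMessage(message));   // '#chat' is a hypothetical id
console.log(renderSamples().join('\n'));
```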