I have a code where I need to send HTML with inner Html but my code is not passing the security testing it showing Cross-site Scripting (XSS) warning.
how to use innerHtml with out Cross-site Scripting (XSS) issue.
if (e.currentTarget) {
const { reamoreid } = e.target.dataset;
axios.get(`/single-readmore/${reamoreid}`).then((response) => {
readMoreContent.innerHTML = DOMPurify.sanitize(readmoreInfo(response.data));
});
I need some information about how to fix the issue.
Due to CORS policy, you cannot view the response of a packet if it does not contain "Access-Control-Allow-Origin: *" header. If you don't own the server, use a CORS proxy. Example: https://cors-anywhere.herokuapp.com/https://google.com
(link will not work if sent through the address line)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.