javascript function for escaping the special characters

JavaScript and client side scripting.

Moderator: General Moderators

Post Reply
qumar
Forum Commoner
Posts: 29
Joined: Wed Nov 01, 2006 8:20 am

javascript function for escaping the special characters

Post by qumar »

hi friends,
i need a javascript function for escaping the special characters like single quot, double quot.
give some idea. please help to me.
thanks,
qumar.
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Choose the Right Board

Post by s.dot »

[url=http://forums.devnetwork.net/viewtopic.php?t=30037]Forum Rules[/url] Section 1.1 wrote:1. Select the correct board for your query. Take some time to read the guidelines in the sticky topic.
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

encodeURIComponent() for passing through ajax or similar
maybe escape() ?
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Post by alex.barylski »

So does anyone have any arguments as to using this approach in securing at least URI style XSS exploits???

Is using javascript during onLoad() an acceptable measure in preventing XSS of this type???
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Post by alex.barylski »

So I can assume this is safe practice in preventing XSS? :D
Post Reply