
Tag: xss

Java XSS Sanitization for nested HTML elements

I am using the JSoup library in Java to sanitize input to prevent XSS attacks. It works well for simple inputs like alert('vulnerable'). Example: Output: "" However, if I tweak the input to the following, JSoup cannot sanitize the input. Output: <script>alert('vulnerable');</script> This output is obviously still prone to XSS attacks. Is there a way to fully sanitize the input so that
