I want to show HTML which is entered by the user from frontend and same text I have to show in the backend(admin panel) so I am using {!! !!} in Laravel to show HTML but recently I observed its not preventing XSS attack so if someone added this code in text <script>alert('xss')</script> than it shows an alert in backend so is there any way in Laravel to show HTML but prevent XSS attack.
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire