Cross-Site Scripting (XSS)
4 Dec 20241 minute to read
Cross-Site Scripting is a security vulnerability and a client-side injection attack. Attackers inject the malicious code in a web application, usually JavaScript but could also be HTML or CSS. To prevent this aspect, the API EnableHtmlSanitizer
is provided and its default value is set to true.
EnableHtmlSanitizer Supported Controls
The following list demonstrates the Syncfusion® ASP.NET Core controls that are supported with EnableHtmlSanitizer
property.
- Accordion
- Button
- CheckBox
- ContextMenu
- DashboardLayout
- Dialog
- DropDownButton
- FileManager
- InPlaceEditor
- ListView
- Menu
- MultiSelect
- PivotView
- ProgressButton
- RadioButton
- RichTextEditor
- Slider
- SplitButton
- Splitter
- Tab
- Toast
- ToolBar
- Tooltip
- TreeView