Update main.ts DOM text reinterpreted as HTML

google / webauthndemo

An example Node.js Relying Party implementation of the WebAuthn specification

https://try-webauthn.appspot.com

Apache License 2.0

549 stars 120 forks source link

Update main.ts DOM text reinterpreted as HTML #131

Closed Shivam7-1 closed 3 months ago

Shivam7-1 commented 3 months ago

By using innerText, it will avoid the risk of HTML injection, as these properties automatically escape any HTML special characters in the provided text. This helps prevent cross-site scripting (XSS) vulnerabilities by treating the input as plain text rather than interpreted HTML.

Shivam7-1 commented 3 months ago

Hi @agektmr Could You Please Review Above PR Regards