leizongmin / js-xss

Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
http://jsxss.com

How to escape/sanitize strings with Unicode inside #195

Open ekokotov opened 4 years ago

ekokotov commented 4 years ago

I've faced a situation where I have to filter JSON with Unicode inside. If I just pass the string to filterXss, it doesn't filter it. Example: {"place":"Tallinn, \u003cimg src\u003d\"#\" onerror\u003d\"alert(1)\"/\u003e Estonia"}
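
The payload above is JSON text in which `<`, `=` and `>` are written as `\u003c`, `\u003d` and `\u003e`, so the raw string holds no markup for a filter to find until the JSON is parsed. The following is an added example, not part of the original post and not js-xss code: it parses first, sanitizes every decoded string, then serializes again. `escapeHtml`, `sanitizeDeep` and `sanitizeJsonText` are hypothetical helpers, and `escapeHtml` is a stand-in for the filter function the question calls `filterXss`.

```javascript
// Stand-in sanitizer (assumption): escapes HTML metacharacters.
// In a real project, pass the library's filter function instead.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Recursively apply `sanitize` to every string key and value of a parsed JSON value.
function sanitizeDeep(value, sanitize) {
  if (typeof value === 'string') return sanitize(value);
  if (Array.isArray(value)) return value.map((v) => sanitizeDeep(v, sanitize));
  if (value !== null && typeof value === 'object') {
    // Null-prototype object so a "__proto__" key stays an ordinary property.
    const out = Object.create(null);
    for (const [k, v] of Object.entries(value)) {
      out[sanitize(k)] = sanitizeDeep(v, sanitize);
    }
    return out;
  }
  return value; // numbers, booleans, null pass through unchanged
}

// Parse first so \uXXXX escapes are decoded, sanitize the decoded strings,
// then serialize the cleaned structure again.
function sanitizeJsonText(jsonText, sanitize) {
  return JSON.stringify(sanitizeDeep(JSON.parse(jsonText), sanitize));
}

// Payload from the question as raw JSON text (String.raw keeps the backslashes).
const raw = String.raw`{"place":"Tallinn, \u003cimg src\u003d\"#\" onerror\u003d\"alert(1)\"/\u003e Estonia"}`;

console.log(raw.includes('<'));                  // no literal "<" in the raw text
console.log(JSON.parse(raw).place);              // the decoded value contains the <img> tag
console.log(sanitizeJsonText(raw, escapeHtml));  // the tag is neutralized after decoding
```

`JSON.stringify` writes `<` literally rather than as `\u003c`, so sanitizing the decoded values is what protects a consumer that later inserts them into HTML.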