Can input value escape a JSON object?

Information Security Asked on November 16, 2021

I am passing value from input filled directly into a script function inside a JSON object. I was thinking, is it possible that this input can escape this object and can lead to XSS or something.

<script>
...
function doSomething(item) {
data = {'content':item}
}
...
</script>

<input id="search" type="text" value="" oninput="doSomething(this.value)"/>

javascript json xss

Add your own answers!

Ask a Question

Get help from others!

Recent Questions

How can I transform graph image into a tikzpicture LaTeX code?
How Do I Get The Ifruit App Off Of Gta 5 / Grand Theft Auto 5
Iv’e designed a space elevator using a series of lasers. do you know anybody i could submit the designs too that could manufacture the concept and put it to use
Need help finding a book. Female OP protagonist, magic
Why is the WWF pending games (“Your turn”) area replaced w/ a column of “Bonus & Reward”gift boxes?

Recent Answers

Lex on Does Google Analytics track 404 page responses as valid page views?
Joshua Engel on Why fry rice before boiling?
haakon.io on Why fry rice before boiling?
Jon Church on Why fry rice before boiling?
Peter Machado on Why fry rice before boiling?