3

We are using Angular JS in our app. I want to prevent all input fields from accepting JavaScript etc. Rather than check every single component is there a directive or something I could use out of the box which does this for me? Thanks

Improve this question

2 Answers 2

Reset to default
8

Rather than doing client side filtering, I would leave that to the server side component. But client side will need to do the input validation stuff for the sake of user friendly.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

That is what I mean by "But client side will need to do the input validation stuff for the sake of user friendly."
+1 for giving the correct answer. -1 to @DaveMackintosh for giving an awful ignorant response.
5

ngSanitize in angular 1.2.0 (and some earlier versions) can help you sanitize your inputs.

http://docs.angularjs.org/api/ngSanitize

Or, alternatively, write your own filter that runs the input through regex to strip all HTML/JS/etc.

As a note, you should still have your server sanitize the inputs as well considering users can make direct requests against your server API and you may not have client side validation there.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.