Prevent XSS attacks

Hello, below are the versions I have:
Dash: 1.21.0

My app has an input of type text where the user has the capability to enter any text along with some special characters as well. However, recently it was observed that it was allowing JavaScript code as well (that may contain malicious code), and it was saving successfully as well.
How can I prevent the user from entering any malicious code like JavaScript, code, etc.?
Any suggestions are appreciated.

Thanks

The idea you are thinking of is sanitizing your inputs. There’s a bunch of Python libraries to do this; one of the more popular ones is bleach. Should be able to apply its functions to your input results and it’ll strip out the malicious code.

5 Likes
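One way to apply the sanitizing step suggested above on the server, before the value from the text input is saved (an added example, not code from this thread). It uses only the Python standard library instead of bleach so it runs without extra packages; `sanitize_text_input`, `MAX_LEN` and the sample strings are assumptions made for illustration.

```python
import html
import unicodedata
from html.parser import HTMLParser

MAX_LEN = 500  # assumed maximum length for this field


class _TextOnly(HTMLParser):
    """Keeps text nodes, drops every tag and the bodies of script/style."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.parts, self.saw_markup, self._skip = [], False, 0

    def handle_starttag(self, tag, attrs):
        self.saw_markup = True
        if tag in ("script", "style"):
            self._skip += 1

    def handle_endtag(self, tag):
        self.saw_markup = True
        if tag in ("script", "style") and self._skip:
            self._skip -= 1

    def handle_data(self, data):
        if not self._skip:
            self.parts.append(data)


def sanitize_text_input(value):
    """Return (clean_text, had_markup) for a value read from a text input."""
    if value is None:
        return "", False
    # Fold look-alike characters (e.g. fullwidth "<") to ASCII, then cap length.
    text = unicodedata.normalize("NFKC", str(value))[:MAX_LEN]
    # Drop control characters other than tab and newline.
    text = "".join(c for c in text if c in "\t\n" or unicodedata.category(c) != "Cc")
    parser = _TextOnly()
    parser.feed(text)
    parser.close()
    # Escape what is left so a stray "<" can never become a tag when rendered.
    return html.escape("".join(parser.parts)).strip(), parser.saw_markup


if __name__ == "__main__":
    # Constructed sample submissions
    for sample in ["Tom & Jerry", "Hello <script>alert(1)</script>world",
                   "<img src=x onerror=alert(1)>hi"]:
        print(repr(sample), "->", sanitize_text_input(sample))
```

In a Dash callback, call it on the input's value before writing to storage, and log submissions where the second return value is true.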

Thanks @tphil10 for your suggestion. Appreciate it!!