Prevent XSS attacks

Hello, Below is the versions I have:
Dash: 1.21.0

My app has an input of type text where the user has the capability to enter any text along with some special characters as well. However, recently it was observed that, it was allowing a javascript script code as well(that may contain malicious code) and it was saving successfully as well.
How can I prevent user from entering any malicious code like javascripts, codes, etc.
Any suggestions are appreciated.


The idea you are thinking of is sanitizing your inputs. There’s a bunch of python libraries to do this, one of the more popular ones is bleach. Should be able to apply it’s functions to your input results and it’ll strip out the malicious code.


Thanks @tphil10 for your suggestion. Appreciate it !!