14Tem
How to securely insert JSON objects into javascript, DOM content and html elements attributes?
Is there a way to sanitize or scape strings to secure put data in a object into script or DOM like:
var myObj = JSON.parse({someObject: value})
someElement.innerHTML('<div data-id="'+myObj.someObject+'">' + '+myObj.someObject+')?
This JSON is generated when an user A sends a object inside a JSON to user B, in a chat application that user B receives that JSON and stores this object in a array then generates an HTML element with an attribute and content.
