When you find you should use `$("#id").html(response)` instead of `$("#id").innerHTML = response` and it works just fine out of a sudden.

So, how was your day?

  • 2
    Doesn't that like leave you open to massive XSS attacks? Ever since the events of '14, I hyper paranoid about things which aren't escaped
  • 1
    Please use $.text() instead of $.html() , or Node.innerText instead of Element.innerHTML to avoid XSS.
  • 0
    @joas @nickdbush I didn't know about that at all, thanks! I'll fix it and read up about it.
  • 0
    Do I spot GitKraken with light theme?
Add Comment