Joget DX 8 Stable Released
The stable release for Joget DX 8 is now available, with a focus on UX and Governance.
Table of Contents |
---|
English |
---|
This article will discuss |
...
the implementation of Input Sanitization in Joget. |
...
The purpose of sanitizing text field values is to protect against malicious input that could lead to security vulnerabilities or unintended behavior. In Joget, a sanitization option is available for the |
...
following form element within the form: |
1. Text Area
2. Text Field
3. Custom HTML
Info |
---|
The `Sanitize Input Value?` option will sanitize the input value before storing data to in the database. It will also un-escape it again when loading from the form binder to prevent double escape. |
Drag the Text Area, Text Field, and Custom HTML to form
Figure 1: Drag the mentioned form elements
Insert the following line into the Custom HTML configuration. It will serve as a sample display of sanitized value.
Code Block |
---|
<br> <p>Custom HTML</p><input type="text" name="sample" value=""/> |
Figure 2: Add HTML code
In each of the form element advanced options, tick on the "Sanitize Input Value?" to enable sanitization
Figure 3: Enable Input Value Sanitization
Create CRUD and test. Input value of your choice into 3 of the form fields.
Figure 4: Input text
Results:
In listthe datalist, it will show as text as shown in Figure 5
Figure 5: Runtime Result
Press edit on of the list datalist row in Figure 5. The sanitized value of Custom HTML can be seen here.
Figure 6: Custom HTML
...
In the database, the text area & text field value are sanitized as shown in Figure 7.
Figure 7: Database Result
View file | ||||
---|---|---|---|---|
|
...