Version: 2.2.0 (latest)

XSS Protection

You are reading the documentation for version 2 of FoalTS. Instructions for upgrading to this version are available here. The old documentation can be found here.

FoalTS provides some utils to protect you against XSS attacks.

escape(str: string): string#

Escapes HTML and returns a new string.

escapeProp(object: object, propName: string): void#

Escapes HTML in the given property.

escapeProp(myObject, 'foobar')

is equivalent to

myObject.foobar = escape(myObject.foobar)