Net-informations.com
SiteMap  | About    

Define unescape() and escape() functions?

The escape() and unescape() functions is to Encode and decode a string in JavaScript. The escape() function in JavaScript to make a string portable to transmit it over a network and we can use unscape() function to get back the original string.

var str = "http://net-informations.com"; var str_esc = escape(str); document.write(str_esc); document.write(unescape(str_esc));

Escaping and unescaping are useful to prevent Cross Site Scripting (XSS) attack. It is one of the common web attacks, since it will be easy to create an attack vector if the site is not designed carefully.

According to https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/unescape you should update your old scripts:

How to Fix?

Fixing it could be as simple as dropping a line into your JS to add in an unescape() method if one doesn't exist.









net-informations.com (C) 2018    Founded by raps mk
All Rights Reserved. All other trademarks are property of their respective owners.