HTML escaping data with ajax requests
If it is not HTML, it does not need HTML escaping, if it is not JS, it does not need JS escaping. All escaping is context based. In general You should probably just avoid sending “text” in response and focus on sending data which is “converted” into whatever is the relevant DOM structures, either directly … Read more