SerializeJson() Escapes Forward-Slashes In ColdFusion This is an off-site link.  Please review our Terms of Service for additional information.

(Ben Nadel) After my post yesterday about security precautions when using jsStringFormat() in ColdFusion, I wondered if the serializeJson() function would be susceptible to the same kind of Cross-Site Scripting (XSS) attack. Luckily, serializeJson() escapes forward-slashes, which prevents the premature closing of Script tags.

Read this article...

comments powered by Disqus