serialization.scripts Boolean (default: false)

Indicates whether inline scripts will be serialized and posted to the server.

Setting this option does not prevent cross-site scripting (XSS) attacks; you need server sanitization, too. See the preventing cross-site-scripting help topic for more information.


<textarea id="editor"></textarea>
  value: "before script <script>alert(1);<\/script> after script",
  serialization: {
    scripts: true
/* The result can be observed in the DevTools(F12) console of the browser. */
console.log($("#editor").data("kendoEditor").value()); // log will contain the script tag
In this article