Edit this page

serialization.scripts Boolean (default: false)

Indicates whether inline scripts will be serialized and posted to the server.

Setting this option does not prevent cross-site scripting (XSS) attacks; you need server sanitization, too. See the preventing cross-site-scripting help topic for more information.

Example

<textarea id="editor"></textarea>
<script>
$("#editor").kendoEditor({
  value: "before script <script>alert(1);<\/script> after script",
  serialization: {
    scripts: true
  }
});
console.log($("#editor").data("kendoEditor").value()); // log will contain the script tag
</script>
Is this article helpful? Yes / No
Thank you for your feedback!

Give article feedback

Tell us how we can improve this article

close
Dummy