XSS Protection in tickets from API

Gepostet 31. Aug. 2022

Hi folks!

I'm sorry if there's already some documentation on this, but I couldn't find with some typical search keywords.

I'm trying to create tickets in the helpdesk using the Zendesk API (using `html_body`). However, since it's possible for anyone to send any kind of arbitrary text data in that, does Zendesk actually do some kind of filtering?

Please let me know if any clarifications are needed.

1 Kommentar

Datum

Erica Girges

Zendesk Developer Advocacy

22. Sept. 2022

Hi Hrishikesh,

You typically only see that property accessible for anonymous users. For all authenticated users making requests, that property shouldn't be accessible which would provide security for your users.

Hope this helps!

Erica

Bitte melden Sie sich an, um einen Kommentar zu hinterlassen.

Sie finden nicht, wonach Sie suchen?

Neuer Post

XSS Protection in tickets from API

1 Kommentar

Sie finden nicht, wonach Sie suchen?

Häufig verwendete Themen

Rollenbasierte Leitfäden

Weitere Ressourcen