XSS Protection in tickets from API

Posted Aug 31, 2022

Hi folks!

I'm sorry if there's already some documentation on this, but I couldn't find with some typical search keywords.

I'm trying to create tickets in the helpdesk using the Zendesk API (using `html_body`). However, since it's possible for anyone to send any kind of arbitrary text data in that, does Zendesk actually do some kind of filtering?

Please let me know if any clarifications are needed.

1 comment

Date

Erica Girges

Zendesk Developer Advocacy

Sep 22, 2022

Hi Hrishikesh,

You typically only see that property accessible for anonymous users. For all authenticated users making requests, that property shouldn't be accessible which would provide security for your users.

Hope this helps!

Erica

Please sign in to leave a comment.

Didn't find what you're looking for?

New post

XSS Protection in tickets from API

1 comment

Didn't find what you're looking for?

Common topics

Role-based guides

Additional resources