XSS Protection in tickets from API

Data ultimo post: 31 ago 2022

Hi folks!

I'm sorry if there's already some documentation on this, but I couldn't find with some typical search keywords.

I'm trying to create tickets in the helpdesk using the Zendesk API (using `html_body`). However, since it's possible for anyone to send any kind of arbitrary text data in that, does Zendesk actually do some kind of filtering?

Please let me know if any clarifications are needed.

1 commento

Data

Erica Girges

Zendesk Developer Advocacy

22 set 2022

Hi Hrishikesh,

You typically only see that property accessible for anonymous users. For all authenticated users making requests, that property shouldn't be accessible which would provide security for your users.

Hope this helps!

Erica

Accedi per aggiungere un commento.

Non hai trovato quello che cerchi?

Nuovo post

XSS Protection in tickets from API

1 commento

Non hai trovato quello che cerchi?

Argomenti comuni

Guide basate sui ruoli

Risorse aggiuntive