cklein12 · cklein12 · Aug 8, 2024 · jit-ci · Aug 8, 2024
diff --git a/test.js b/test.js
@@ -0,0 +1,7 @@
+document.getElementById('userForm').addEventListener('submit', function(e) {
+  e.preventDefault();
+
+  // This is an unsafe practice and can lead to XSS vulnerabilities
+  const userInput = document.getElementById('userInput').value;
+  document.getElementById('content').innerHTML = userInput;
-  document.getElementById('content').innerHTML = userInput;
+  document.getElementById('content').textContent = userInput;
-  document.getElementById('content').innerHTML = userInput;
+  document.getElementById('content').textContent = userInput;
+});