DayPilotDayPilot
Products
Support
DayPilot Pro JavaScript API Reference
DayPilot API Reference » DayPilot.Calendar Class » DayPilot.Calendar Properties » DayPilot.Calendar.xssProtection

DayPilot.Calendar.xssProtection

The xssProtection property (string) enables the built-in cross-site scripting (XSS) protection in the JavaScript Calendar component.

Available since 2020.4.4701.

Declaration

DayPilot.Calendar.xssProtection

Possible Values

  • "Enabled" - HTML-encodes text strings supplied through the API.

  • "Disabled" - leaves developer-supplied text strings unescaped.

Default Value

"Enabled"

Notes

When XSS protection is enabled, developer-supplied strings are escaped automatically. If you need custom markup, use API properties intended for HTML content instead of disabling protection globally.

Examples

JavaScript

const calendar = new DayPilot.Calendar("dp", {
  xssProtection: "Disabled",
  // ...
});
calendar.init();

Angular

<daypilot-calendar [config]="config"></daypilot-calendar>
config: DayPilot.CalendarConfig = {
  xssProtection: "Disabled",
  // ...
};

React

<DayPilotCalendar
  xssProtection={"Disabled"}
  {/* ... */}
/>

Vue

<DayPilotCalendar
  :xssProtection="'Disabled'"
  <!-- ... -->
/>

See Also

XSS Protection [doc.daypilot.org]

DayPilot.Calendar Class

Availability

Availability of this API item in DayPilot editions:

LitePro
DayPilot for JavaScript

Products

Resources

Tools

About Us

DayPilot Pro

Event calendar/scheduling AJAX components. Available for JavaScript/HTML5/jQuery, ASP.NET, ASP.NET MVC. Build resource booking, project management, time tracking applications, personal and shared event calendars.