DayPilotDayPilot
Products
Support
DayPilot Pro JavaScript API Reference
DayPilot API Reference » DayPilot.Month Class » DayPilot.Month Properties » DayPilot.Month.xssProtection

DayPilot.Month.xssProtection

The xssProtection property (string) enables the built-in cross-site scripting (XSS) protection.

Declaration

DayPilot.Month.xssProtection

Possible Values

  • "Enabled" - HTML-encodes text strings supplied through the API.

  • "Disabled" - leaves developer-supplied text strings unescaped.

Default Value

"Enabled"

Notes

When XSS protection is enabled, text values provided through the API are escaped automatically before rendering. Disable it only when you need to render trusted HTML content.

Examples

JavaScript

const dp = new DayPilot.Month("dp", {
  xssProtection: "Disabled",
  // ...
});
dp.init();

Angular

<daypilot-month [config]="config"></daypilot-month>
config: DayPilot.MonthConfig = {
  xssProtection: "Disabled",
  // ...
};

React

<DayPilotMonth
  xssProtection="Disabled"
  {/* ... */}
/>

Vue

<DayPilotMonth
  xssProtection="Disabled"
  <!-- ... -->
/>

See Also

DayPilot.Month Class

Availability

Availability of this API item in DayPilot editions:

LitePro
DayPilot for JavaScript

Products

Resources

Tools

About Us

DayPilot Pro

Event calendar/scheduling AJAX components. Available for JavaScript/HTML5/jQuery, ASP.NET, ASP.NET MVC. Build resource booking, project management, time tracking applications, personal and shared event calendars.