Search jQuery

jQuery Forum

Developing jQuery Plugins

volter9

Form Preview plugin presentation

in Developing jQuery Plugins • 7 years ago

Hello everyone!

I want to present you my first jQuery plugin, Form Preview.

Form Preview is a plugin which allows you to visualize form input. Some examples of application for this plugin:

Website profile preview
Shop item card preview
Any preview, basically

Website with demo and github repository with documentation.

So what do you think about my plugin?

P.S.: I'm not sure if it suitable category, however, it's worth a try

Replies(6)

jakecigar

Re: Form Preview plugin presentation

7 years ago

Watch out for pasted Scripts and other HTML.

Paste "<script>alert('1')</script>" into the any field. I could have pasted something more evil!

JΛ̊KE

volter9

Re: Form Preview plugin presentation

7 years ago

Thanks for response, Jake!

Yeah, I know that <script> and other HTML elements can pass through, that's why I used .html(), it's client based, nothing can harm the front or back end of application (right?). I thinking about adding allowHTML flag to get more control over output.

jakecigar

Re: Form Preview plugin presentation

7 years ago

I could start off ajax calls which could do horrible things! As a plugin writer, you need to watch out for that kind of stuff.

If you make it an option, make sure it is off by default.

JΛ̊KE

volter9

Re: Re: Form Preview plugin presentation

7 years ago

"I could start off ajax calls which could do horrible things!"

Well, I'll definitely will check it on by default, but you could do AJAX call with console too. So what's the difference? Or would server consider request as "its" own request (same origin)?

jakecigar