Details
- Improvement
- Resolution: Unresolved
- P3: Somewhat important
Description
The existing solution for processing search terms uses the escapeHTML() function directly within JavaScript, which, while mitigating certain risks, still employs the potentially hazardous practice of manipulating HTML code directly through innerHTML.
Recommendations:
- Refactor the relevant parts of the JavaScript code to construct and manage DOM nodes properly instead of manipulating innerHTML.
Search is currently on the Google API side mostly.
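One way to carry out the recommendation in the description, as an added example that is not the project's code: result titles are rendered with the search term highlighted using only DOM node construction, so neither the term nor the title is ever parsed as HTML. The names `highlightTerm` and `renderResults`, the `doc` parameter and the list element are assumptions made for illustration.

```javascript
// Added example; every name below is hypothetical, not taken from the project.
// Pattern the ticket describes (string-built markup, safe only while every
// interpolated value passes through escapeHTML()):
//   list.innerHTML += "<li>" + escapeHTML(title) + "</li>";

// Split `text` around case-insensitive matches of `term` and return a
// fragment of text nodes and <mark> elements. The term is treated as plain
// data: it is never parsed as HTML or as a regular expression.
function highlightTerm(doc, text, term) {
  const frag = doc.createDocumentFragment();
  const haystack = text.toLowerCase();
  const needle = term.toLowerCase();
  // Lowercasing can change string length for a few characters; if it does,
  // offsets no longer line up, so fall back to plain text without highlights.
  const aligned = haystack.length === text.length && needle.length === term.length;
  if (needle === "" || !aligned) {
    frag.appendChild(doc.createTextNode(text));
    return frag;
  }
  let pos = 0;
  for (;;) {
    const hit = haystack.indexOf(needle, pos);
    if (hit === -1) break;
    if (hit > pos) frag.appendChild(doc.createTextNode(text.slice(pos, hit)));
    const mark = doc.createElement("mark");
    mark.textContent = text.slice(hit, hit + needle.length); // inert text
    frag.appendChild(mark);
    pos = hit + needle.length;
  }
  if (pos < text.length) frag.appendChild(doc.createTextNode(text.slice(pos)));
  return frag;
}

// Replace the contents of `list` with one <li> per title. No markup string
// is assembled anywhere, so there is no escaping step to forget.
function renderResults(doc, list, titles, term) {
  const items = titles.map((title) => {
    const li = doc.createElement("li");
    li.appendChild(highlightTerm(doc, title, term));
    return li;
  });
  list.replaceChildren(...items);
  return list;
}
```

In a browser, pass `document` as `doc` and the results container as `list`.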