Will the script render? If so, you've just opened a security hole.
A better method is to read the data after the page loads with an AJAX call. This means your data is never loaded on the page so a script cannot be injected. With JQuery:
$(document).ready(function(){
$.get( getJsonData", function(data) {
//Now you have your data. Use it to load your component.
});
});
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Be careful with Html.Raw. It can lead to XSS attacks.
For instance, what if somebody puts in the JSON data:
Will the script render? If so, you've just opened a security hole.
A better method is to read the data after the page loads with an AJAX call. This means your data is never loaded on the page so a script cannot be injected. With JQuery: