views:

106

answers:

4

My strings will hold the values:

"["
"[/blah]"

do I need to escape anything?

Is it just doubling the /?

A: 

Escape for what purpose? I at least don't see any XSS risks in the particular string.

BalusC
+3  A: 

you don't have to do anything / is not a special character

Marek Karbarz
+2  A: 

If your string are "[" "[/blah]", then you don't need to escape anything if you use single quote:

var foo = '"[" "[/blah]"';
rockacola
+1  A: 

Since this is a literal string square brackets or forward slash will not be interpreted so in your example you don't need to escape anything. Doubling applies to a backward slash only \

DroidIn.net