I have build up an app which takes certain input at installation screen from the user.
During testing it was noticed that if we put
<Script>alert();</Script>
as input, the app fails at installation. To handle this, we encoded the input value before saving and it worked fine at localhost.
The same application is not working, and giving us the error after deployment.
I am looking for ways to handle this. Is it something related to production environment or do we have to handle it any other way.
What is the error that is returned while installing the app with this input for the iparams? Could you also please share the browser console or network logs related to this issue?
@yusrakhatri I’m able to install an app to Freshdesk as a custom app with the script tags for an iparams field value.
Could you please check if the issues persist regardless of the iparams value?