Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

API returns js and/or html in json responses

Discussion in 'cPanel Developers' started by Cristi4n, Feb 19, 2014.

  1. Cristi4n

    Cristi4n Well-Known Member

    Jul 2, 2006
    Likes Received:
    Trophy Points:
    I was wondering if there is a way to get rid of the js and html from a json response.
    I don't believe it's a very good practice to let some js/html code in an answer that's supposed to be simple.
    Can we separate that in a 'raw' key at least, as it's already done with other messages ?
    I am expecting statusmsg to be a simple text so I can return it directly to a user.

    An example is here, at the bottom of the page, the json response (the same is returned in a production environment):
    SuspendAccount < SoftwareDevelopmentKit < TWiki

    {'result': [{'status': 1,
    'statusmsg': '<script>if (window.clear_ui_status) clear_ui_status();</script>.....}]}
  2. morissette

    morissette Well-Known Member

    May 24, 2009
    Likes Received:
    Trophy Points:
    Austin, TX
    cPanel Access Level:
    Root Administrator
    Able to replicate:

    root@dev [~]# php test.php
    object(SimpleXMLElement)#2 (1) {
    object(SimpleXMLElement)#3 (2) {
    string(1) "1"
    string(750) "<script>if (window.clear_ui_status) clear_ui_status();</script>
    Changing Shell to /bin/false...Changing shell for kyle.
    Warning: "/bin/false" is not listed in /etc/shells
    Shell changed.
    Locking Password...Locking password for user kyle.
    passwd: Success
    1Suspending email account logins for .... Done
    Suspending email account logins for .... Done
    Suspending mysql users
    Using Universal Quota Support (quota=0)
    Suspended document root /home/kyle/public_html
    Using Universal Quota Support (quota=0)
    Updating ftp passwords for kyle
    Ftp password files updated.
    Ftp vhost passwords synced
    kyle's account has been suspended

    I'd recommend just using the status returned and creating your own statusmsg otherwise you can strip <script>.*?</script> using preg_replace in php or =~ s///g in perl
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice