How can I make this more secure and safe: Strip unsafe characters from title

Question

0

Editorial Team

Asked: May 27, 20262026-05-27T11:44:40+00:00 2026-05-27T11:44:40+00:00

How can I make this more secure and safe: Strip unsafe characters from title

0

How can I make this more secure and safe:

Strip unsafe characters from title
Prevent undefined errors

Code so far:

// Open HREF in popup window
$('.external').bind('click', function () {
    var url = $(this).attr("href");
    var title = ($(this).attr("data-popup-title")) ? $(this).attr("data-popup-title") : $(this).attr("title");
    var image = $(this).attr("data-popup-image");
    var width = ($(this).attr("data-popup-width")) ? $(this).attr("data-popup-width") : '626';
    var height = ($(this).attr("data-popup-height")) ? $(this).attr("data-popup-height") : '436';
    window.open('http://www.facebook.com/sharer.php?s=100&amp;p[title]=' + title + '&amp;p[url]=' + url + '&amp;&p[images][0]=' + image, 'sharer', 'toolbar=0,status=0,width='+width+',height='+height);
    return false;
});

Also is it best practice to return false or use the preventDefault()?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-27T11:44:41+00:00

Editorial Team

2026-05-27T11:44:41+00:00Added an answer on May 27, 2026 at 11:44 am

It’s not about best-practices, preventDefault() and return false do different things. Returning false prevents the event from bubbling up through other handlers, while preventDefault simply prevents the default “click” action (typically following the href of the link) from occurring after all other event handlers have run.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

How can I make this more secure and safe: Strip unsafe characters from title

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply