I am using the following piece of code in my script:
var queryParams = new URLSearchParams(window.location.search);
When I ran the CodeQL scanner, it showed a warning at ‘window.location.search’ that says:
“Cross-site scripting vulnerability due to user-provided value.”
I want to sanitize window.location.search without any libraries, as I don’t have enough permission to use libraries.
I am not sure how to sanitize, I tried but couldn’t find a proper solution.
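
Added example, not part of the original post: one library-free way to handle values read from the query string, by validating parameters that have a known shape against an allowlist and HTML-encoding anything else before it is placed in markup. The function names, the `page` and `name` parameters and the sample input are assumptions made for illustration.

```javascript
// Added example: library-free handling of query-string values.
// All function and parameter names here are hypothetical, not from the original post.

// Encode the five HTML-significant characters (text and quoted-attribute contexts).
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Return the parameter only if it matches an allowlist pattern; otherwise the fallback.
function getValidatedParam(search, name, pattern, fallback = null) {
  const value = new URLSearchParams(search).get(name);
  if (value === null || !pattern.test(value)) return fallback;
  return value;
}

// Build markup from untrusted input: validate what has a known shape, encode the rest.
function renderGreeting(search) {
  const page = getValidatedParam(search, "page", /^[0-9]{1,4}$/, "1");
  const name = new URLSearchParams(search).get("name") ?? "guest";
  return `<p data-page="${page}">Hello, ${escapeHtml(name)}</p>`;
}

// Constructed sample input standing in for window.location.search:
// page decodes to 2"> and name decodes to <b title="x">Bob</b>
const sampleSearch = "?page=2%22%3E&name=%3Cb%20title%3D%22x%22%3EBob%3C%2Fb%3E";

// In the browser, pass window.location.search instead of sampleSearch.
// Assigning to element.textContent avoids the need for escaping altogether.
console.log(renderGreeting(sampleSearch));
```

The encoding in `escapeHtml` covers HTML text and quoted attribute values only; values placed in URLs, inline scripts or styles need context-specific handling.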