If you want to embed any of the jQuery based workarounds, then there should be a
- You don’t need to disable the internal Limesurvey XSS filter if you add the code directly at the template.js file.
- You can add your code ot the existing $(document).ready(function()).
- It is very easy to update/modify.
- The file is loaded at every page call, so it might cause some overhead if you only need the script for a certain survey question(s).
Furthermore, you have to disable the Limesurvey XSS filter at
Global settings -> Security -> “Filter HTML for XSS” = “No”.
Once you have done this, you can use the following code snippets. Copy them to the affected question/group text in source code mode and test if the alert message appears:
2. Adding jQuery code
- The code will only be loaded once (for the affected group/question).
- You can easily have several similar code snippets and just change some IDs in the code without having any overhead.
- Limesurvey placeholders and Expression Manager tags are parsed.
- You have to disable the internal XSS filter for which requires admin access to the Limesurvey installation.
- The code will be split over several questions and gets harder to maintain if you add many different script snippets.