encodedPromptOutputsBoolean(default: true)
Specifies whether the prompt outputs are HTML-encoded before being displayed in the output view. When set to true (default), the output is encoded and displayed as plain text, preventing any HTML formatting or scripts from being rendered.
Important: When set to
false, the output is rendered as raw HTML, allowing for custom formatting (such as rendering markdown as HTML). If you set this to false, you must ensure that the output is properly sanitized to prevent XSS attacks.
<div id="aiprompt"></div>
<script src="https://cdn.jsdelivr.net/npm/dompurify@3.2.5/dist/purify.min.js"></script>
<script src="https://unpkg.com/markdown@0.5.0/lib/markdown.js"></script>
<script>
$("#aiprompt").kendoAIPrompt({
service: "/api/llm",
encodedPromptOutputs: false,
promptResponse: function(e) {
// Convert markdown to HTML
let output = markdown.toHTML(e.output.output, "Maruku");
// Sanitize the HTML output
if (window.DOMPurify) {
e.output.output = DOMPurify.sanitize(output, { USE_PROFILES: { html: true } });
}
}
});
</script>In this article