Skip to content
Icon

WARNING You're browsing the documentation for an old version of LARAVEL-DATATABLES. Consider upgrading your project to laravel-datatables 11.0.

XSS filtering

Since v7.0, all dataTable response are encoded to prevent XSS attack. In case you need to display html on your columns, you can use rawColumns api.

action column is allowed as raw by default.

Raw Columns

return DataTables::eloquent(Role::select())
->rawColumns(['name', 'action'])
->toJson();

Other XSS methods

Escape selected fields

return DataTables::eloquent(Role::select())
->escapeColumns(['name'])
->toJson();

Escape all columns

return DataTables::eloquent(Role::select())
->escapeColumns()
->toJson();

Remove escaping of all columns

return DataTables::eloquent(Role::select())
->escapeColumns([])
->toJson();

Escape by output index

return DataTables::eloquent(Role::select())
->escapeColumns([0])
->make();