Version

WARNING You're browsing the documentation for an upcoming version of Laravel DataTables. The documentation and features of this release are subject to change.

XSS filtering

Since v7.0, all dataTable response are encoded to prevent XSS attack. In case you need to display html on your columns, you can use rawColumns api.

action column is allowed as raw by default.

Raw Columns

return DataTables::eloquent(Role::select())
            ->rawColumns(['name', 'action'])
            ->toJson();

Other XSS methods

Escape selected fields

return DataTables::eloquent(Role::select())
            ->escapeColumns(['name'])
            ->toJson();

Escape all columns

return DataTables::eloquent(Role::select())
            ->escapeColumns()
            ->toJson();

Remove escaping of all columns

return DataTables::eloquent(Role::select())
            ->escapeColumns([])
            ->toJson();

Escape by output index

return DataTables::eloquent(Role::select())
            ->escapeColumns([0])
            ->make();

Edit this page on GitHub