I'm using a free template as a front end in my application and the main javascript file came out as a high risk as it's vulnerable to a dom based cross site scripting.Is there a way to sanitize the javascript function inside a javascript file? I searched and i found a .net library "System.Web.Security.AntiXss" that works on the server side but what should i use in this js file? the js file:
// Activate smooth scroll on page load with hash links in the url
$(document).ready(function() {
if (window.location.hash) {
var initial_nav = window.location.hash;
if ($(initial_nav).length) {
var scrollto = $(initial_nav).offset().top - scrolltoOffset;
$('html, body').animate({
scrollTop: scrollto
}, 1500, 'easeInOutExpo');
// Toggle .header-scrolled class to #header when page is scrolled
$(window).scroll(function() {
if ($(this).scrollTop() > 100) {
} else {
if ($(window).scrollTop() > 100) {
// Back to top button
$(window).scroll(function() {
if ($(this).scrollTop() > 100) {
} else {
$('.back-to-top').click(function() {
$('html, body').animate({
scrollTop: 0
}, 1500, 'easeInOutExpo');
return false;
// jQuery counterUp
delay: 10,
time: 1000
// Init AOS
function aos_init() {
duration: 1000,
easing: "ease-in-out",
once: true,
mirror: false
$(window).on('load', function() {
Thank you in advance.