jquery - EncodeUri Function in JavaScript -

i generating search output based on user query , generating search result pages

location.href = root_url + "searchcenter/pages/internal.aspx" + "?q=" + st 

i looking protecting against xss attacks.

i using encodeuri protect against attack with

encodeuri("http://server.com/searchcenter/pages/internal.aspx?q=<script>alert('dd')</script>)"  

which outputs

http://server.com/searchcenter/pages/internal.aspx?q=%3cscript%3ealert('dd')%3c/script%3e) 

now if instead of tag enter javascript:alert('dd') encodeuri not protect against.

so question is there js library or function can use protect against url xss attacks.

you should solve server side. never trust client whatever sends should vetted on server before being rendered in html. accept whatever send , use server component make sure whatever gets outputted safe.