$(document).ready(function () { $("#postComment").on("click", function () { var commentInput = $("#commentInput").val(); $.ajax({ type: 'POST', url: 'CrossSiteScripting/stored-xss', data: JSON.stringify({text: commentInput}), contentType: "application/json", dataType: 'json' }).then( function () { getChallenges(); $("#commentInput").val(''); } ) }) var html = '

' + '

' + '

' + '

' + '

' + '

' + '

USER

' + '

DATETIME

' + '

' + '

COMMENT

' + '

' + '

'; getChallenges(); function getChallenges() { $("#list").empty(); $.get('CrossSiteScripting/stored-xss', function (result, status) { for (var i = 0; i < result.length; i++) { var comment = html.replace('USER', result[i].user); comment = comment.replace('DATETIME', result[i].dateTime); comment = comment.replace('COMMENT', result[i].text); $("#list").append(comment); } }); } })