-
Currently when outputting values in an attribute JTE only checks if the attribute starts with `on` and then escapes it as javascript attribute:
```
if (attributeName.startsWith("on")) {
Escape.…
-
I want to reuse a common component (MDX) in several areas of my OpenAPI spec as shown in the example below.
The `` tags are getting passed through, but the ``, which of course makes the component n…
-
In various benchmarks that @littledivy and @billywhizz did we see that escaping HTML that a huge chunk of time in React SSR examples.
It's clearly a bottleneck that could be addressed by having a …
-
We have HTML inside an order attribute we'd like to output in a Liquid template in Shopify - specifically it's in `order.attributes`.
Just doing e.g. `{{ order.attributes.myHtmlVariable }}` is esca…
-
``
When '{}' or',' in html , How to escape?
-
As the title says, when we parse something from markdown we don't end up html-escaping any ampersands to `&` in resulting HTML.
We should try to squeeze this in to our markdown-to-html parsing …
-
Not able to identify whether the input document has `&` or `&` in the text node, since Jsoup escapes the character in text node. Same goes to other entities like `
-
Can this behaviour please be documented and warned of in the main readme and function comments?
Current users might be relying on the sanitised return values and wouldn't be expecting this to chan…
-
```
Is it possible to escape/sanitize code, similar to Rails? Example:
,
or
or probably just a double percentage?
I feel this is pretty important feature to have.
```
Original issue reported on c…
-
```
Is it possible to escape/sanitize code, similar to Rails? Example:
,
or
or probably just a double percentage?
I feel this is pretty important feature to have.
```
Original issue reported on c…