KoltesDigital / atom-foxdot

FoxDot interface for Atom

Evaluating lines that contain HTML leads to XSS #14

Closed MrMebelMan closed 3 years ago

MrMebelMan commented 3 years ago

Evaluation of this string

'<iframe src="https://player.vimeo.com/video/148751763?title=0&byline=0&portrait=0&transparent=0&autoplay=1" width="640" height="480" frameborder="0" allow="autoplay; fullscreen" allowfullscreen></iframe>'

leads to iframe being injected in the logger window 🕺


I've found this after investigating why I can't see Player objects when executing print(Clock)

Here's the related PR that adds HTML escaping to both input and subprocess output: https://github.com/KoltesDigital/atom-foxdot/pull/13
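
The fix described in the issue, shown as an added example (this is not atom-foxdot's own code and not the linked PR): text that reaches an HTML-rendered log view is escaped, whether it is the evaluated input line or the FoxDot subprocess output. `LogView`, `appendUnsafe`, `appendEscaped` and `containsForeignTag` are assumed stand-ins for the logger; the sample payload is constructed and shortened from the one in the report.

```javascript
// Added example (not atom-foxdot's code): HTML-escape everything that is
// concatenated into an HTML-rendered logger, for both input and output.

// Escape the characters that carry meaning in HTML text and attribute
// contexts. '&' is replaced first so the entities produced for the other
// characters are not themselves re-escaped.
function escapeHtml(text) {
  return String(text)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Assumed stand-in for the logger element: it records the HTML it would render.
class LogView {
  constructor() { this.html = ''; }
}

// The behaviour from the issue: the raw line is concatenated into HTML, so an
// <iframe> in an evaluated string becomes a real element in the log window.
function appendUnsafe(view, line) {
  view.html += '<div class="line">' + line + '</div>';
  return view.html;
}

// Hardened: every interpolated string is escaped, regardless of whether it came
// from the editor (the evaluated line) or from the FoxDot process (its output).
function appendEscaped(view, line) {
  view.html += '<div class="line">' + escapeHtml(line) + '</div>';
  return view.html;
}

// Constructed sample payload, same shape as the one in the report.
const SAMPLE = '<iframe src="https://example.invalid/v" allow="autoplay"></iframe>';

// Detection helper: does the rendered HTML contain any tag other than the
// logger's own <div class="line"> wrapper?
function containsForeignTag(html) {
  const stripped = html.replace(/<div class="line">|<\/div>/g, '');
  return /<[a-zA-Z!\/]/.test(stripped);
}

// Compare both paths on the same input: the unsafe path renders a foreign
// <iframe>, the escaped path renders only literal text.
function demo() {
  const unsafe = appendUnsafe(new LogView(), SAMPLE);
  const safe = appendEscaped(new LogView(), SAMPLE);
  return { unsafe: containsForeignTag(unsafe), safe: containsForeignTag(safe) };
}

console.log(demo()); // { unsafe: true, safe: false }
```

In a real Atom/Electron view the simplest form of the same fix is to never build log lines from HTML strings at all: set `element.textContent` or append a `document.createTextNode(line)`, which the DOM treats as text and never parses. Escaping as above is what is needed when the logger genuinely assembles markup and interpolates untrusted strings into it.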

KoltesDigital commented 3 years ago

Wow I've been ... 😆

Fixed by 451dee9850ed079013fcf18188f4f21226254876. Discussion continues in PR #13.