I propose to add a new Sightly context for XML content. This will remove/encode markup that contains XSS risks, similar to context="html" and allow better semantics.
Right now the same result can be achieved using context="html" but this is not obvious and might encourage developers to use unsafe context.
I propose to add a new Sightly context for XML content. This will remove/encode markup that contains XSS risks, similar to
context="html"and allow better semantics.Right now the same result can be achieved using
context="html"but this is not obvious and might encourage developers to use unsafe context.