Closed chemerisuk closed 9 years ago
Ok, I found a simpler way to handle escaping HTML:
DOM.emmet("a>`{b}`", {b: "<b>"});
// => "<a>>b<</a>"
Value inside of inner text node will always be escaped. This change will be included into DOM.emmet
(not in DOM.format
as I was thinking before) in the next release.
DOM.format
can be used to construct HTML. Thats why having{...}
that does not encode input values is not the best solution. Therefore need to add support for both safe and unsafe (it can also be useful) injections. Mustache has a good syntax for that familiar to any front-end developer:It would be nice to add nested object support as well:
Because
DOM.format
is going to be executed in JavaScript code, there is no need to add logical operand support. They all can be covered by functors: