Closed mheiber closed 8 years ago
Fixes #196
Uses $.text() instead of $('<li>' + unsafeContent + '</li>); : so the tutorial doesn't encourage practices that are vulnerable to cross-site scripting.
$.text()
$('<li>' + unsafeContent + '</li>);
See Cross-Site Scripting Prevention Cheat Sheet
Whoops! Sorry about that.
Looks good, thanks!
Fixes #196
Uses
$.text()
instead of$('<li>' + unsafeContent + '</li>);
: so the tutorial doesn't encourage practices that are vulnerable to cross-site scripting.See Cross-Site Scripting Prevention Cheat Sheet