jdrouet
commented
8 months ago 👋 Hi Erik, thanks for this comment. If you look at the current implementation of loaders (here) you can configure the parser so that the loader only allows some domains or paths. This is a good security if you use it in nodejs for example. If you use it in the browser, you have the browser security that won't let you some cross domain requests, etc. Do you have a specific use case in mind?
What is the state of our support for mj-include? Have we ironed out the potential security issues, WASM support and other considerations?
If so, I'd like to see what work is left and I can take it on.
If not, I'd like to work together to flesh out what decision points we have left