Fix stringifying dangerous HTML attribute

lustre-labs / lustre

A Gleam web framework for building HTML templates, single page applications, and real-time server components.

https://hexdocs.pm/lustre

MIT License

949 stars 65 forks source link

Closed Nicd closed 6 months ago

Nicd commented 6 months ago

As per our Discord discussion. This makes dangerous inner HTML appear when element.to_string is used.

This was tested with a path dep on RC2.