Closed KyleAMathews closed 10 years ago
This module assumes the input is not guaranteed to be safe (e.g., may contain xss) and so any text is escaped (using html-escape). If you trust your input to not contain any malicious HTML, you could skip the escaping, but this module does not currently support that.
Ok, moving on then. Thanks :)
If you'd like to implement this there would be two changes needed:
escape()
href
attribute of an element)
E.g. convert
example.com
but notgoogle.com