Closed danielweck closed 2 years ago
I am retracing this issue. According to my tests in Safari and Firefox (MacOS), my <script type="text/javascript">...</script>
markup generated by serializeElement()
via result.head.elements
doesn't seem to mind <
, >
or &
, in Javascript code or in string literals. I assume the same for <script type="wmrdata">...</script>
.
When the
result.data
object contains strings with<
or>
or&
non-escaped characters, this trips the HTML parser:https://github.com/preactjs/wmr/blob/11663db6104171bcebd434ad4443e1fcb3dcea68/packages/wmr/src/lib/prerender.js#L182
Suggestion, use the existing
enc()
function?https://github.com/preactjs/wmr/blob/11663db6104171bcebd434ad4443e1fcb3dcea68/packages/wmr/src/lib/prerender.js#L55-L57