I am using MarkupText to be able to use translation labels with HTML markup. At the same time, I would like the fields that are interpolated into the translation to be sanitised (e.g. <span> to be rendered as &lt;span&gt;). The background is that field contents are dynamic and often come from user input, an API or URL parameters, so they are susceptible to cross-site scripting.
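One way to get the behaviour asked for above, as an added example that is not part of the original post or of any library's own code: HTML-escape every field value before it is interpolated, and leave the markup in the translation label untouched. The `{{name}}` placeholder syntax and the helpers `escapeHtml`, `escapeFields` and `renderLabel` are assumptions made for this sketch.

```javascript
// Added example. Assumptions: labels use {{name}} placeholders, and the
// helpers below are hypothetical, not an existing library API.
const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#39;',
};

// Encode the characters that can change the HTML parsing context.
// null and undefined become an empty string; other values are stringified.
function escapeHtml(value) {
  return String(value ?? '').replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Return a copy of the fields object with every value escaped, so the
// untrusted input never reaches the markup renderer unencoded.
function escapeFields(fields) {
  const safe = {};
  for (const [key, value] of Object.entries(fields || {})) {
    safe[key] = escapeHtml(value);
  }
  return safe;
}

// Substitute escaped fields into a trusted label in a single pass, so a
// field value that itself contains "{{other}}" is never expanded again.
function renderLabel(label, fields) {
  const safe = escapeFields(fields);
  return label.replace(/\{\{\s*(\w+)\s*\}\}/g, (match, name) =>
    Object.prototype.hasOwnProperty.call(safe, name) ? safe[name] : ''
  );
}

// Constructed sample: the label is developer-controlled, the fields are not.
const sampleLabel =
  'Hello <strong>{{name}}</strong>, you searched for <em>{{query}}</em>.';
const sampleFields = {
  name: '<span onclick="x()">Eve</span>',
  query: '{{name}}',
};
console.log(renderLabel(sampleLabel, sampleFields));
```

This encoding is sufficient for element content and quoted attribute values only; a field placed inside a URL, a `style` attribute or a script block needs encoding for that context instead.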