Closed albkn closed 8 years ago
@@ master #42 diff @@
===================================
Files 7 8 +1
Lines 16 18 +2
Methods 0 0
Messages 0 0
Branches 0 0
===================================
+ Hits 16 18 +2
Misses 0 0
Partials 0 0
Powered by Codecov. Last updated by 327b008...959b74b
This is great - thanks for the amazing contribution @morcerf 👍
This adds `safeHtml` template tag and `replaceSubstitutionTransformer`
The `safeHtml` tag is really similar to `html`, but it does HTML escaping for strings coming from expression interpolations (strings coming from `${ ... }`). The idea is that this new tag when combined with the `html` tag can become a lightweight HTML templating system that is safe from XSS attacks.

Example:
The `replaceSubstitutionTransformer` is similar to the `replaceResultTransformer` but replaces the results of substitutions instead of the end result. This is the transformer that does the regex replacement of characters needed in the `safeHtml` tag.
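An illustration of the substitution-only escaping described above, added here as an example and not taken from the pull request or the library's source. The names `substitutionTag`, `escapeHtml`, `safeHtmlSketch`, `rawSketch` and `render` are hypothetical, and the set of escaped characters is an assumption.

```javascript
// Added illustration: a stand-alone sketch, not the library's implementation.
// Assumed set of characters to replace in interpolated strings.
const ENTITIES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#x27;',
  '`': '&#x60;',
};

// Regex replacement applied to one substitution value.
function escapeHtml(value) {
  return String(value).replace(/[&<>"'`]/g, (ch) => ENTITIES[ch]);
}

// Hypothetical helper: builds a template tag that runs `transform` on every
// ${ ... } value and leaves the literal template text untouched. This is the
// "replace substitutions, not the end result" behaviour.
function substitutionTag(transform) {
  return (strings, ...substitutions) =>
    strings.reduce(
      (out, literal, i) => out + transform(substitutions[i - 1]) + literal
    );
}

// Escaping tag, and a non-escaping tag for comparison.
const safeHtmlSketch = substitutionTag(escapeHtml);
const rawSketch = substitutionTag(String);

// Constructed sample of untrusted input, e.g. a user-submitted comment.
const comment = '<img src=x onerror="alert(1)">';

function render(tag) {
  return tag`<p class="comment">${comment}</p>`;
}

console.log(render(rawSketch));      // markup from the input reaches the page
console.log(render(safeHtmlSketch)); // input is rendered as inert text
```

Entity escaping of this kind covers element content and quoted attribute values; substitutions placed in unquoted attributes, URLs or script blocks need context-specific encoding.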