You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In some places we use {{{}}} to render our own data (example). Those are fine.
However, we should remove {{{ }}} in places where we render user data (example]. Those are there to render code snippets and links in helpText and audit descriptions. Instead, we should create Handlebar helpers to render links and code snippets.
In some places we use
{{{}}}
to render our own data (example). Those are fine.However, we should remove
{{{ }}}
in places where we render user data (example]. Those are there to render code snippets and links inhelpText
and audit descriptions. Instead, we should create Handlebar helpers to render links and code snippets.http://handlebarsjs.com/reference.html#base-escapeExpression
This works today if it appears in json loaded into the app:
"helpText": "<img src=\"test.gif\" onerror=\"alert('oops')\"> Text..."
The text was updated successfully, but these errors were encountered: