Name		Name	Last commit message	Last commit date
parent directory ..
designer		designer
README.md		README.md
html.jpeg		html.jpeg

README.md

HTML Injection

Description

Polymer will not stamp unescaped HTML via data-binding because it becomes a vulnerability for XSS attacks.

⚠️ This is a workaround to inject HTML into a page using bound data, but please note that it is still considered a vulnerability.

Usage

<nuxeo-inject-html result="[[someHtmlInAFieldOrVariable]]"></nuxeo-inject-html>

Installation

Studio Designer

Upload nuxeo-inject-html.html under Resources in Designer.
Import nuxeo-inject-html.html in your custom bundle file.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

inject-html

inject-html

designer

designer

README.md

README.md

html.jpeg

html.jpeg

README.md

HTML Injection

Description

Usage

Installation

Studio Designer

Files

inject-html

Directory actions

More options

Directory actions

More options

Latest commit

History

inject-html

Folders and files

parent directory

designer

designer

README.md

README.md

html.jpeg

html.jpeg

README.md

HTML Injection

Description

Usage

Installation

Studio Designer