Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
Script tags are executed when switching out of codeview #1462
If the user puts script tags into the codeview, the scripts are executed when trying to switch back to WYSIWYG. This happens for both inline scripts, e.g.
It has the side effect of also trapping the user in the codeview if they enter some invalid JS. I came across this while trying to test my own input sanitization by putting