Browse Source
Automatically encode the leading '<' of non-html tag names so they do not confuse the HTML parser or produce invalid HTML output. This requires embedding a list of known HTML tags (a list of over 50 is now included). This will also cause some "unsafe" tags that were previously being passed through to be escaped (such as "script", "style", "object", "embed" etc.). Signed-off-by: Kyle J. McKay <mackyle@gmail.com>master
Kyle J. McKay
8 years ago
1 changed files with 26 additions and 17 deletions
Loading…
Reference in new issue