Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
New $html special attribute.
See original GitHub issueCurrent implementation processes $text value as innerHTML: Here is a code:
if(key === "$text"){
if(typeof val === "function") val = Phenotype.multiline(val);
if(val.toString().length > 0) {
$node.innerHTML = val;
}
}
My proposal is to use new $html attribute for this purpose:
if(key === "$html"){
if(typeof val === "function") val = Phenotype.multiline(val);
if(val.toString().length > 0) {
$node.innerHTML = val;
}
}
and in case of $text, we append text content to node.:
if(key === "$text"){
. . .
var textnode=document.createTextNode(val);
$node.appendChild(textnode);
}
Issue Analytics
- State:
- Created 6 years ago
- Comments:10 (7 by maintainers)
Top Results From Across the Web
HTML Attribute Reference - W3Schools
HTML Attribute Reference. The table below lists all HTML attributes and what elements they can be used within: Attribute, Belongs to, Description.
Read more >HTML attribute reference - HTML: HyperText Markup Language
Attribute Name Elements Description
accept‑charset List of supported charsets.
align, , , , , , , , , , , , , Specifies the horizontal...
Read more >HTML - Attributes - Tutorialspoint
Generic Attributes ; class, User Defined, Classifies an element for use with Cascading Style Sheets. ; width, Numeric Value, Specifies the width of...
Read more >HTML Attribute list - Dofactory
An HTML element can have one or more attributes which provide additional information to the element. They are placed inside the element's opening...
Read more >HTML attribute - Wikipedia
HTML attributes are special words used inside the opening tag to control the element's behaviour. HTML attributes are a modifier of an HTML...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Why not use
innertextfor$textandinnerHTMLfor$html?What @fprijate is asking for sounds to me like protection from XSS vulnerabilities. Speaking for myself, I would not expect HTML content added to
$textto be active; that sounds like a pretty big security hole actually. In fact, if you do add an$html, I would recommend naming it something like$unsafeHtmlinstead to make it very clear that it must never be used to insert anything that comes from user content.