Function to Encode Values
Nicholas-Westby commented
Add a function to HTML encode values. Would be useful for examples like this where users can type in markup and inject scripts if the values aren't encoded: https://www.dompiler.com/tutorial/forms/
Some ideas for doing that are here: https://stackoverflow.com/questions/5251520/how-do-i-escape-some-html-in-javascript
The createTextNode/innerHTML example seems like a good option.
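An added example, not part of the original issue and not Dompiler's own code: a sketch of the requested encoder next to the createTextNode/innerHTML variant the issue mentions. The function names `encodeHtml`, `encodeHtmlViaDom` and `renderGreeting` are hypothetical. The DOM variant does not escape quotes, so only the string-based version is suitable for attribute values.

```javascript
// Added example; the function names are hypothetical, not Dompiler's API.
const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Encode a value for use as HTML text or inside a quoted attribute value.
// null and undefined become an empty string; other values are stringified.
function encodeHtml(value) {
  return String(value ?? "").replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// DOM variant (browser only). Serializing a text node escapes &, < and >
// but leaves " and ' untouched, so the result is safe as element content
// only, not inside an attribute value.
function encodeHtmlViaDom(value) {
  if (typeof document === "undefined") {
    throw new Error("encodeHtmlViaDom requires a browser DOM");
  }
  const holder = document.createElement("div");
  holder.appendChild(document.createTextNode(String(value ?? "")));
  return holder.innerHTML;
}

// Encode at the point of output, once per value, in both contexts.
function renderGreeting(name) {
  const safe = encodeHtml(name);
  return `<p title="${safe}">Hello, ${safe}</p>`;
}

// Constructed sample: markup a user might type into a form field.
const typed = `<b title="x">Tom & 'Jerry'</b>`;
console.log(encodeHtml(typed));
console.log(renderGreeting(typed));
```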