faetalize opened this issue a year ago · 0 comments
currently, if you send html tags, they will be rendered and not escaped. that is a problem. one could include <script> tags or other harmful inputs and they will be added to the document