nodegui/react-nodegui

Interpolated content not escaped?

joepie91 opened this issue · 0 comments

Describe the bug

Looking at the starter template, I noticed that interpolated strings do not appear to get escaped (as evidenced by the possibility of interpolating HTML without using dangerouslySetInnerHTML).

In standard React + React-DOM, interpolated content would always be escaped by default, and HTML structure is expected to be expressed through actual tags. This not only prevents XSS issues (probably less relevant in this case), but also ensures that text containing < or > is not misinterpreted as HTML by accident, which would mess up display.

However, it seems that react-nodegui doesn't do that, which would make it awkward to safely interpolate values into the UI. Am I missing something here? Or is this an intentional design decision? And if so, how is the "avoiding misinterpretation as HTML" issue meant to be avoided?

To Reproduce
Steps to reproduce the behavior:
N/A, see permalinked code

Expected behavior
Interpolation should work like in standard React + React-DOM usage, automatically escaping all interpolated values and only permitting HTML when dangerouslySetInnerHTML is used.

Screenshots
If applicable, add screenshots to help explain your problem.

N/A

Desktop (please complete the following information):
N/A, see permalinked code

Additional context
N/A
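For reference, the escaping behaviour the reporter describes for React + React-DOM, as an added example that is not code from react-nodegui or from the issue author: text children are escaped before they reach the host, and markup only passes through when the caller opts in with `dangerouslySetInnerHTML`. The helper names (`escapeText`, `renderTextContent`) and the sample inputs are constructed for illustration; the premise that the target widget would otherwise parse `<`/`>` as markup is the one stated in the issue.

```javascript
// Added example, not react-nodegui code. Mirrors react-dom's default behaviour:
// every string or number child is escaped, so user-supplied text that happens
// to look like HTML is displayed literally instead of being parsed as markup.

// The same five characters react-dom replaces when escaping text for the browser.
const ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#x27;",
};

// Escape a single interpolated value. Non-string values are stringified first,
// exactly as they would be when rendered as a text node.
function escapeText(value) {
  return String(value).replace(/[&<>"']/g, (ch) => ESCAPES[ch]);
}

// Produce the text a host widget should receive for one element's props.
// - props.children: string | number | null | boolean | array of those
// - props.dangerouslySetInnerHTML: { __html: string } to bypass escaping
// Hypothetical renderer-side helper; react-nodegui's internals are not shown here.
function renderTextContent(props) {
  if (props.dangerouslySetInnerHTML) {
    // Explicit opt-out: the caller vouches for this markup, so pass it through.
    return props.dangerouslySetInnerHTML.__html;
  }
  const kids = Array.isArray(props.children) ? props.children : [props.children];
  return kids
    .map((child) => {
      // React renders null, undefined and booleans as nothing.
      if (child == null || typeof child === "boolean") return "";
      return escapeText(child);
    })
    .join("");
}

// Constructed sample input: a value that looks like markup and contains '<'.
const userSupplied = "Price < 10 & <b>not bold</b>";

// Default path: the '<b>' stays visible as text, nothing is interpreted.
console.log(renderTextContent({ children: ["Label: ", userSupplied] }));

// Opt-in path: markup is handed to the host unchanged.
console.log(renderTextContent({ dangerouslySetInnerHTML: { __html: "<b>bold</b>" } }));
```

The important property is that the default path never emits a raw `<` or `>` from an interpolated value, regardless of where the value came from, while the opt-in path is a visibly different API that reviewers can grep for.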