taigrr/wasm-experiments
1
0
Fork 0
mirror of https://github.com/taigrr/wasm-experiments synced 2025-01-18 04:03:21 -08:00
Code Issues Projects Releases Wiki Activity

Use innerText instead of innerHTML to discourage XSS risks

Browse Source 
Roberto Clapis (@empijei) pointed out to me that using innerHTML for
unformatted text is bad practice, so I've switched to using innerText
and SetTextContent instead.
This commit is contained in:
Johan Brandhorst
2018-08-17 10:26:43 +01:00
parent 31e31e865c
commit e481a67ae8
4 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
fetch/main.go
View File

@@ -16,7 +16,7 @@ type writer dom.Element
// Write implements io.Writer.
func (d writer) Write(p []byte) (n int, err error) {
node := dom.GetDocument().CreateElement("div")
node.SetInnerHTML(string(p))
node.SetTextContent(string(p))
(*dom.Element)(&d).AppendChild(node)
return len(p), nil
}