🔀 Escape attribute values when emitting static HTML. (#113)

* fix: add the escape function over custom attribute values * fix: update class and style attribute values to be escaped
author: bgw <29340584+bgwdotdev@users.noreply.github.com> 2024-04-25 19:19:15 +0100
committer: GitHub <noreply@github.com> 2024-04-25 19:19:15 +0100
commit: 93aeeb7a6316389f3bd4bbdb7a9ffc555677e719 (patch)
tree: 70d2443bf31090a320c56b1029d99c0c4bb05dd6 /birdie_snapshots
parent: 06b75022eed1e8bbed13a85cc8aeb18199040392 (diff)
download: lustre-93aeeb7a6316389f3bd4bbdb7a9ffc555677e719.tar.gz
lustre-93aeeb7a6316389f3bd4bbdb7a9ffc555677e719.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/birdie_snapshots/can_safely_escape_dangerous_symbols_in_attributes.accepted b/birdie_snapshots/can_safely_escape_dangerous_symbols_in_attributes.accepted
new file mode 100644
index 0000000..cbb7f9d
--- /dev/null
+++ b/birdie_snapshots/can_safely_escape_dangerous_symbols_in_attributes.accepted
@@ -0,0 +1,5 @@
+---
+version: 1.1.2
+title: Can safely escape dangerous symbols in attributes
+---
+<div example="{&quot;mykey&quot;: &quot;myvalue&quot;}" class="&#39;badquotes&#39;" style="background:&quot;&gt;&lt;script&gt;alert`1`&lt;/script&gt;;"></div>
+\ No newline at end of file
author	bgw <29340584+bgwdotdev@users.noreply.github.com>	2024-04-25 19:19:15 +0100
committer	GitHub <noreply@github.com>	2024-04-25 19:19:15 +0100
commit	93aeeb7a6316389f3bd4bbdb7a9ffc555677e719 (patch)
tree	70d2443bf31090a320c56b1029d99c0c4bb05dd6 /birdie_snapshots
parent	06b75022eed1e8bbed13a85cc8aeb18199040392 (diff)
download	lustre-93aeeb7a6316389f3bd4bbdb7a9ffc555677e719.tar.gz lustre-93aeeb7a6316389f3bd4bbdb7a9ffc555677e719.zip