Update text.md

7 years ago · 078338a60e
parent f83a55d878
commit 078338a60e
1 changed files with 1 additions and 1 deletions
--- a/site/content/tutorial/01-introduction/06-html-tags/text.md
+++ b/site/content/tutorial/01-introduction/06-html-tags/text.md
@ -12,4 +12,4 @@ In Svelte, you do this with the special `{@html ...}` tag:
 <p>{@html string}</p>
 ```

-> Svelte doesn't perform any sanitization of the data before it gets inserted into the DOM via a @html-tag. In other words, if you use `{@html ...}` it's critical that you manually escape HTML that comes from sources you don't trust, otherwise you risk exposing your users to XSS attacks.
+> Svelte doesn't perform any sanitization of the expression inside `{@html ...}` before it gets inserted into the DOM. In other words, if you use this feature it's critical that you manually escape HTML that comes from sources you don't trust, otherwise you risk exposing your users to XSS attacks.