msb-public
/
svelte
mirror of https://github.com/sveltejs/svelte
1
0
Code Issues Projects Releases Wiki Activity

typo

Browse Source
pull/2179/head
Richard Harris 7 years ago
parent 4a53da3cd6
commit 4d653f2635
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
site/content/tutorial/01-introduction/06-html-tags/text.md
Unescape View File

@ -12,4 +12,4 @@ In Svelte, you do this with the special `{@html ...}` tag:
<p>{@html string}</p> <p>{@html string}</p>
``` ```
> Svelte doesn't perform any sanitization of the data before it gets inserted into the DOM. In other words, it's critical that you manually escape HTML that comes from sources you don't trust, otherwise you risk exposing your users to XSS attacks > Svelte doesn't perform any sanitization of the data before it gets inserted into the DOM. In other words, it's critical that you manually escape HTML that comes from sources you don't trust, otherwise you risk exposing your users to XSS attacks.
Write Preview
Loading…
Cancel
Save