mirror of
https://github.com/dart-lang/sdk
synced 2024-09-22 03:28:40 +00:00
8a5d0491e4
This is a XSS-prevention recommendation. If escaped code is only ever used inside a quoted attribute or as element text, escapeing '/' is not necessary. However, if the escaped code is inserted inside a tag (for example assuming that it is a well-behavde attribute), then a slash may be meaningful in some cases. Lots of other things can go wrong in that case, so we recommend against it. R=sgjesse@google.com Review URL: https://codereview.chromium.org//1084473003 git-svn-id: https://dart.googlecode.com/svn/branches/bleeding_edge/dart@45153 260f80e4-7a28-3924-810f-c04153c831b5 |
||
---|---|---|
.. | ||
bin | ||
lib | ||
api_readme.md |