You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Trusted Types helps prevent DOM-based XSS to appear on Web applications.
Given that jQuery also support Trusted Types, adding support for Trusted Types to Knockout would be a good idea.
Most of the changed would be to pass given html without modification, especially if the html is a TrustedHTML.
This means if we add support for the Trusted Types AND a web developer would like to enforce Trusted Types, following code would not work.
Trusted Types helps prevent DOM-based XSS to appear on Web applications.
Given that jQuery also support Trusted Types, adding support for Trusted Types to Knockout would be a good idea.
Most of the changed would be to pass given html without modification, especially if the html is a
TrustedHTML
.This means if we add support for the Trusted Types AND a web developer would like to enforce Trusted Types, following code would not work.
Instead, above code has to changed to something safer.
The text was updated successfully, but these errors were encountered: