You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is related to #181 but I don't think it has been called out explicitly as a problem there. If you have some Markup/PreEscaped and slot it into an attribute then that is passed on without any further escaping, but Markup is escaped to be valid HTML not to be valid attribute content.
For example:
let title = maud::html! {"With " a href="https://example.com"{"a link in it"}};let result = maud::html! {
meta property="og:title" content=(title);};println!("{}", result.into_string());
Output:
<meta property="og:title" content="With <a href="https://example.com">a link in it</a>">
There are multiple possible solutions here:
either the input needs to be re-escaped for the correct context
or putting already-encoded input from the wrong context in should produce an error (since even the escaped version here is going to be dubious, even if it's safe, probably the intent is really to use the equivalent of textContent, but that cannot be decided in advance)
The text was updated successfully, but these errors were encountered:
This is related to #181 but I don't think it has been called out explicitly as a problem there. If you have some
Markup/PreEscapedand slot it into an attribute then that is passed on without any further escaping, butMarkupis escaped to be valid HTML not to be valid attribute content.For example:
Output:
There are multiple possible solutions here:
textContent, but that cannot be decided in advance)The text was updated successfully, but these errors were encountered: