Stared into Node's abyss. It stares back. Terror overwhelms me: NPM: "137,720 downloads in the last day"https://github.com/component/escape-html/blob/master/index.js …
-
-
Replying to @slightlylate
what did you expect? - require jsdom - assign textContent - read back innerHTML ? :)
1 reply 0 retweets 1 like -
Replying to @cramforce
: kinda yes? I mean,
@mathias is waaaaaaaaay ahead here, and it still isn't that:https://www.npmjs.com/package/he2 replies 0 retweets 5 likes
: I mean, in the Node community's defense, I'm sure *some* uses of "escape-html" aren't trivially XSSable.
8:02 PM - 10 Sep 2016
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
& Web Standards TL; Blink API OWNER
Named PWAs w/
DMs open. Tweets my own; press@google.com for official comms.