Ember's research into JSON-in-html escaping.https://twitter.com/wycats/status/786708690879610882 …
-
-
ohhh sorry, was sharing it because it was the best answer I got
- I'm now doing the same. -
I'm a little worried about pre-html5 browsers, but I can't think of anything that'd be a problem, since < is encoded.
-
I guess the most conservative thing would be to stuff it in a data-attribute since html escaping is more battle tested…
-
but your solution seems nicer - thanks!
-
fwiw, another plausible solution is: <svg style="display: none"><![CDATA[whatevs]]></svg>pic.twitter.com/vmlv7YonqL
-
you have to be sure to escape `]]>` (easier) and CDATA is only allowed in non-HTML elements (limited options)
-
not that I'm aiming to support it, but does IE8 understand CDATA? It doesn't understand SVG.
End of conversation
New conversation -
-
-
I'd be interested to see how much it affects perf for large JSON blobs (just cause it seems like overkill to me)
-
(size too actually)
-
And by overkill, I mean compared with matching the exact things that cause problems, iehttps://github.com/mhart/react-server-example/blob/master/server.js#L107 …
-
this simpler solution makes me worry about things like CDATA and IE conditional comments. Probably fine though.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
What'd you think?