samedi 13 juin 2015

How to stop Ember.Handlebars.Utils.escapeExpression escaping apostrophes

I'm fairly new to Ember, but I'm on v1.12 and struggling with the following problem.

  • I'm making a template helper
  • The helper takes the bodies of tweets and HTML anchors around the hashtags and usernames.

The paradigm I'm following is:

  1. use Ember.Handlebars.Utils.escapeExpression(value); to escape the input text
  2. do logic
  3. use Ember.Handlebars.SafeString(value);

However, 1. seems to escape apostrophes. Which means that any sentences I pass to it get escaped characters. How can I avoid this whilst making sure that I'm not introducing potential vulnerabilities?




Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)