like many people (I think), I get warnings in console when binding style attributes to elements in my templates.
For example, I got an ember view containing a div which has this style attribute :
style="{{view.isClosing}};"
Now, I get the warning that this string is not escapes properly and can makes that vulnerable to XSS attacks.
I went to this link : http://ift.tt/1D1H48Q
And then tried putting this in my view :
isClosing: Ember.computed('display', function () {
if (this.get('conv.isClosing')) {
return new Ember.Handlebars.SafeString("display:");
} else {
return new Ember.Handlebars.SafeString("display: " + this.get('display'));
};
}),
The warning does not disappear, and when I try doing it with the function escapeCSS as they say in the doc, it tells me that escapeCSS is not defined. Now what is this function and how should I do it?
Thank you
Aucun commentaire:
Enregistrer un commentaire