Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Escape hatch to bypass Phlex HTML safety #718

Open
joeldrapper opened this issue May 15, 2024 · 1 comment
Open

Escape hatch to bypass Phlex HTML safety #718

joeldrapper opened this issue May 15, 2024 · 1 comment
Assignees
@bradgessler
Labels
good first issue Good for newcomers

Comments

@joeldrapper
Copy link
Collaborator

@bradgessler recently brought up the need for this again, and suggested having a safe method that we can use to wrap any safe value.

div(onclick: safe("foo")) { "Foo" }
a(href: safe("javascript:bar")) { "Bar" }

I think this would work quite nicely. safe could return a Phlex::SafeValue, e.g.

def safe(value)
  Phlex::SafeValue.new(value)
end

And we can check for that when building attributes.

if Phlex::SafeValue === value
  ...
end
@joeldrapper joeldrapper added the good first issue Good for newcomers label May 15, 2024
@bradgessler
Copy link
Contributor

Draft PR at #719

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bradgessler bradgessler

Labels
good first issue Good for newcomers
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bradgessler @joeldrapper