diff options
| author | Tim Graham <timograham@gmail.com> | 2018-06-22 09:36:17 -0400 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2018-06-22 10:19:50 -0400 |
| commit | 02cd16a7a04529c726e5bb5a13d5979119f25c7d (patch) | |
| tree | 4a4fe1b55c487163ba97f6a8e8a28b562e3dfef1 /docs/ref | |
| parent | 9af83a62e7639567afde8b76ce70e7982873e4c5 (diff) | |
Refs #17419 -- Removed IE8 support in json_script example.
Diffstat (limited to 'docs/ref')
| -rw-r--r-- | docs/ref/templates/builtins.txt | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/docs/ref/templates/builtins.txt b/docs/ref/templates/builtins.txt index a3e429d1c4..b77b6097e1 100644 --- a/docs/ref/templates/builtins.txt +++ b/docs/ref/templates/builtins.txt @@ -1814,8 +1814,7 @@ The resulting data can be accessed in JavaScript like this: .. code-block:: javascript - var el = document.getElementById('hello-data'); - var value = JSON.parse(el.textContent || el.innerText); + var value = JSON.parse(document.getElementById('hello-data').textContent); XSS attacks are mitigated by escaping the characters "<", ">" and "&". For example if ``value`` is ``{'hello': 'world</script>&'}``, the output is: |
