Limited availability
Note: This feature is available in Web Workers.
The toString() method of the TrustedHTML interface returns a string which may be safely inserted into an injection sink.
Parameters
None.
Return value
A string containing the sanitized HTML.
Examples
The constant escaped is an object created via the Trusted Types policy escapeHTMLPolicy. The toString() method returns a string to safely insert into a document.
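const escapeHTMLPolicy = trustedTypes.createPolicy("myEscapePolicy", {
  // Replace every "<" with the entity "&lt;" so the input cannot open a tag.
  createHTML: (string) => string.replace(/</g, "&lt;"),
});
// createHTML() returns a TrustedHTML object, not a plain string.
const escaped = escapeHTMLPolicy.createHTML("<img src=x onerror=alert(1)>");
// toString() exposes the string the policy produced.
console.log(escaped.toString());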
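The following is an added example, not code from the original page. It extends the policy above to escape all five HTML-significant characters, and feature-detects Trusted Types because the API has limited availability. The policy name strictEscapePolicy, the helper names, and the stand-in object used when trustedTypes is missing are assumptions made for illustration.

```javascript
// Hypothetical names throughout: ENTITIES, escapeAll, getPolicy, escapedString.
const ENTITIES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Escape every character that can change the HTML parsing context.
// One pass over the input means the "&" of an emitted entity is never re-escaped.
function escapeAll(input) {
  return String(input).replace(/[&<>"']/g, (ch) => ENTITIES[ch]);
}

// Return an object exposing createHTML(). The real Trusted Types API is used
// when the runtime provides it; otherwise a stand-in (an assumption of this
// example) returns an object whose toString() mirrors TrustedHTML.toString().
function getPolicy() {
  const tt = globalThis.trustedTypes;
  if (tt && typeof tt.createPolicy === "function") {
    return tt.createPolicy("strictEscapePolicy", { createHTML: escapeAll });
  }
  return {
    createHTML(input) {
      const value = escapeAll(input);
      return Object.freeze({ toString: () => value });
    },
  };
}

const policy = getPolicy();

// toString() yields the string the policy produced, useful for logging,
// unit tests, or comparing policy output against an expected value.
function escapedString(input) {
  return policy.createHTML(input).toString();
}

// First input is the page's own sample; the second is constructed.
console.log(escapedString("<img src=x onerror=alert(1)>"));
console.log(escapedString(`Tom & "Jerry" <b>`));
```

In a browser that enforces Trusted Types, pass the object returned by createHTML() to the sink directly; toString() is for inspecting what the policy produced.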