Skip to content

Commit

Permalink
Review feedback.
Browse files Browse the repository at this point in the history
  • Loading branch information
@otherdaniel
otherdaniel committed Apr 17, 2024
1 parent 19734a6 commit a556353
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion index.bs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -858,7 +858,7 @@ new document. Therefore Sanitizer API is not directly affected by mutated XSS.

If a developer were to retrieve a sanitized node tree as a string, e.g. via
`.innerHTML`, and to then parse it again then mutated XSS may occur.
We recommend against this practice. If processing or passing of HTML as a
We discourage this practice. If processing or passing of HTML as a
string should be necessary after all, then any string should be considered
untrusted and should be sanitized (again) when inserting it into the DOM. In
other words, a sanitized and then serialized HTML tree can no
Expand Down

0 comments on commit a556353

Please sign in to comment.