Add javascript alert onclick handler to Raw example (#82)

Makes for fun XSS testing.

Markus Wüstenberg markus@maragu.dk

Wed, 09 Jun 2021 10:56:22 +0200

commit

0efc71d6f326efc88d25688f50f83b948b40fc38

parent

ba0d83f4fb1b588f7931b9a31609807adfa11163

1 files changed, 4 insertions(+), 2 deletions(-)

jump to

gomponents_test.go

M gomponents_test.go → gomponents_test.go

@@ -205,9 +205,11 @@ }) }
 
 func ExampleRaw() {
-	e := g.El("span", g.Raw("<strong>Party</strong> hats &gt; normal hats."))
+	e := g.El("span",
+		g.Raw(`<button onclick="javascript:alert('Party time!')">Party hats</button> &gt; normal hats.`),
+	)
 	_ = e.Render(os.Stdout)
-	// Output: <span><strong>Party</strong> hats &gt; normal hats.</span>
+	// Output: <span><button onclick="javascript:alert('Party time!')">Party hats</button> &gt; normal hats.</span>
 }
 
 func TestGroup(t *testing.T) {

all repos — gomponents @ 0efc71d6f326efc88d25688f50f83b948b40fc38

HTML components in pure Go