June 25, 2022 at 01:57PM

Goodbye to XSS.

// this is safe by default
document.body.setHTML('unsafe HTML here');

Firefox: about:config#dom.security.sanitizer.enabled
Chrome: chrome://flags#enable-experimental-web-platform-features

More info here: https://wicg.github.io/sanitizer-api/#dom-element-sethtml

https://t.me/cKure/11521
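
Added example, not part of the original post: because setHTML() only exists when the flags above are enabled, a caller has to feature-detect it and fail safe when it is missing. The helper name setUntrustedHTML and the mock elements are hypothetical; only Element.setHTML() comes from the post.

```javascript
// Added example. setUntrustedHTML, makeMockElement and demo are hypothetical
// names; only Element.setHTML() comes from the post.

// Insert untrusted markup into `el`, using the Sanitizer API when the browser
// exposes it. Returns the name of the sink that was used.
function setUntrustedHTML(el, html) {
  if (typeof el.setHTML === 'function') {
    // Sanitizer API present (flag enabled): the browser sanitizes the input
    // with its default configuration before inserting it.
    el.setHTML(html);
    return 'setHTML';
  }
  // Flag off or unsupported browser: el.setHTML is undefined and calling it
  // would throw a TypeError. Do not fall back to innerHTML; assigning
  // textContent keeps the markup inert (it is shown as literal text).
  el.textContent = html;
  return 'textContent';
}

// Constructed stand-ins so the logic can be exercised outside a browser.
// The mock setHTML only records the call; it does not implement sanitization.
function makeMockElement(withSanitizer) {
  const el = { textContent: '', calls: [] };
  if (withSanitizer) {
    el.setHTML = function (html) { this.calls.push(html); };
  }
  return el;
}

function demo() {
  const untrusted = '<p onclick="x()">hello</p>'; // constructed sample input
  const modern = makeMockElement(true);
  const legacy = makeMockElement(false);
  return {
    modernSink: setUntrustedHTML(modern, untrusted),
    legacySink: setUntrustedHTML(legacy, untrusted),
    modernCalls: modern.calls.length,
    legacyText: legacy.textContent,
  };
}

// In a page: setUntrustedHTML(document.body, untrustedString);
```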