annotate tests/dtable.ur @ 1710:540df112ff62
Remove string-valued style attribute, which may allow injection attacks
author |
Adam Chlipala <adam@chlipala.net> |
date |
Sun, 15 Apr 2012 12:40:53 -0400 |
parents |
25a038a9194b |
children |
|
rev |
line source |
adamc@899
|
1 fun main () =
|
adamc@899
|
2 s <- source <xml><tr><td>A</td><td>A'</td></tr></xml>;
|
adamc@899
|
3 return <xml><body>
|
adamc@899
|
4 <button value="Click me!" onclick={set s <xml><tr><td>B</td><td>B'</td></tr><tr><td>C</td><td>C'</td></tr></xml>}/><br/>
|
adamc@899
|
5 <table><tr><td>Pre</td><td>Pre'</td></tr><dyn signal={signal s}/><tr><td>Post</td><td>Post</td><td>Post'</td></tr></table>
|
adamc@899
|
6 </body></xml>
|