annotate tests/jsuni.ur @ 1710:540df112ff62

Remove string-valued style attribute, which may allow injection attacks
author Adam Chlipala <adam@chlipala.net>
date Sun, 15 Apr 2012 12:40:53 -0400
parents e81434513720
children
rev   line source
adamc@1087 1 fun main () =
adamc@1087 2 s1 <- source "";
adamc@1087 3 s2 <- source "";
adamc@1087 4
adamc@1087 5 let
adamc@1087 6 fun echo s = return s
adamc@1087 7
adamc@1087 8 fun echoer () =
adamc@1087 9 v1 <- get s1;
adamc@1087 10 v1' <- rpc (echo v1);
adamc@1087 11 set s2 v1'
adamc@1087 12 in
adamc@1087 13 return <xml><body>
adamc@1087 14 <dyn signal={v <- signal s2; return (cdata v)}/><hr/>
adamc@1087 15 <ctextbox source={s1}/> <button onclick={echoer ()}/>
adamc@1087 16 </body></xml>
adamc@1087 17 end