view tests/dtable.ur @ 1710:540df112ff62

Remove string-valued style attribute, which may allow injection attacks
author Adam Chlipala <adam@chlipala.net>
date Sun, 15 Apr 2012 12:40:53 -0400
parents 25a038a9194b
children
line wrap: on
line source
fun main () =
  s <- source <xml><tr><td>A</td><td>A'</td></tr></xml>;
  return <xml><body>
    <button value="Click me!" onclick={set s <xml><tr><td>B</td><td>B'</td></tr><tr><td>C</td><td>C'</td></tr></xml>}/><br/>
    <table><tr><td>Pre</td><td>Pre'</td></tr><dyn signal={signal s}/><tr><td>Post</td><td>Post</td><td>Post'</td></tr></table>
  </body></xml>