view tests/sendurl.ur @ 1710:540df112ff62

Remove string-valued style attribute, which may allow injection attacks
author Adam Chlipala <adam@chlipala.net>
date Sun, 15 Apr 2012 12:40:53 -0400
parents 82ac88b4e0a7
children
line wrap: on
line source
fun main () =
    let
        fun getIt () = return (bless "http://www.yahoo.com/")
    in
        s <- source <xml/>;
        return <xml><body>
          <dyn signal={signal s}/>

          <button onclick={v <- rpc (getIt ()); set s <xml><a href={v}>Go!</a></xml>}/>
        </body></xml>
    end