Mercurial > urweb
view tests/vlad4.ur @ 1710:540df112ff62
Remove string-valued style attribute, which may allow injection attacks
| author | Adam Chlipala <adam@chlipala.net> |
|---|---|
| date | Sun, 15 Apr 2012 12:40:53 -0400 |
| parents | fe470db7feea |
| children |
line wrap: on
line source
fun main () : transaction page = s <- source ""; return <xml><body> <ctextbox source={s} value="123" onchange={s <- get s; alert (s ^ "!")}/> <dyn signal={s <- signal s; return (txt s)}/> </body></xml>