diff options
author | Lars Wirzenius <liw@liw.fi> | 2024-04-20 08:54:50 +0300 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2024-04-20 08:54:50 +0300 |
commit | 296dcf7ec3b45e085c41f4938dd8b1ad71e921b5 (patch) | |
tree | 6a933cadb27ce0337b084b8bd358e17bf2074772 | |
parent | e5110c887bf08f98a84c97a5fe67a6b8d81ecbf3 (diff) | |
download | html-page-296dcf7ec3b45e085c41f4938dd8b1ad71e921b5.tar.gz |
docs: make it clear that Element::push_html should b eavoided
Signed-off-by: Lars Wirzenius <liw@liw.fi>
Sponsored-by: author
-rw-r--r-- | src/lib.rs | 4 |
1 files changed, 3 insertions, 1 deletions
@@ -553,7 +553,9 @@ impl Element { } /// Append HTML to element. It will NOT be escaped, when the - /// element is serialized. + /// element is serialized. This is an easy to inject arbitrary + /// junk into the HTML. No validation is done. You should avoid + /// this if you can. pub fn push_html(&mut self, html: &str) { self.children.push(Content::html(html)); } |