UNPKG

@lwc/engine-server

Version:

Renders LWC components in a server environment.

lwc.dev

salesforce/lwc

16 lines (15 loc) 905 B
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
/** * The text content inside `<style>` is a special case. It is _only_ rendered by the LWC engine itself; <style> tags * are disallowed inside of templates. Also, we want to avoid over-escaping, since CSS containing strings like * `&amp;` and `&quot;` is not valid CSS (even when inside a `<style>` element). * * However, to avoid XSS attacks, we still need to check for things like `</style><script>alert("pwned")</script>`, * since a user could use that inside of a *.css file to break out of a <style> element. * @param contents CSS source to validate * @throws Throws if the contents provided are not valid. * @see https://github.com/salesforce/lwc/issues/3439 * @example * validateStyleTextContents('div { color: red }') // Ok * validateStyleTextContents('</style><script>alert("pwned")</script>') // Throws */ export declare function validateStyleTextContents(contents: string): void;