UNPKG

@lwc/engine-server

Version:

Renders LWC components in a server environment.

lwc.dev

salesforce/lwc

22 lines 1.17 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
/** * The text content inside `<style>` is a special case. It is _only_ rendered by the LWC engine itself; `<style>` tags * are disallowed inside of HTML templates. * * The `<style>` tag is unusual in how it's defined in HTML. Like `<script>`, it is considered a "raw text element," * which means that it is parsed as raw text, but certain character sequences are disallowed, namely to avoid XSS * attacks like `</style><script>alert("pwned")</script>`. * * This also means that we cannot use "normal" HTML escaping inside `<style>` tags, e.g. we cannot use `&lt;`, * `&gt;`, etc., because these are treated as-is by the HTML parser. * * * @param contents CSS source to validate * @throws Throws if the contents provided are not valid. * @see https://html.spec.whatwg.org/multipage/syntax.html#raw-text-elements * @see https://github.com/salesforce/lwc/issues/3439 * @example * validateStyleTextContents('div { color: red }') // Ok * validateStyleTextContents('</style><script>alert("pwned")</script>') // Throws */ export declare function validateStyleTextContents(contents: string): void; //# sourceMappingURL=validate-style-text-contents.d.ts.map