Hi Arnaud, I'm not sure I got it right what you are doing. Are you reading a data-attribute that comes as a payload inside a template? Then you are putting it back into a template, just to extract it later on again?
The risk of doing this has little to no bearing in the context of an XSS attack. What has more of an impact, is the way you get the data in the first place. If it's gathered from a user, and not handled properly all along the chain, you might have an exposed attack vector. Regards Sander -- You received this message because you are subscribed to the Google Groups "Angular and AngularJS discussion" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/angular. For more options, visit https://groups.google.com/d/optout.
