> Whatever the user enters in the input field will be copied to the element, > but what if the user enters html? That could cause some serious havoc with > your document. (Starting with jQuery 1.1 the .text() method is a setter, but > at the moment it just sends the input to .html() which wouldn't fix this > problem.)
Yes it does. jQuery 1.1 passes all of the text to document.createTextNode() before inserting it into the DOM - causing all HTML-like characters to be serialized. --John _______________________________________________ jQuery mailing list [email protected] http://jquery.com/discuss/
