Comment #16 on issue 2217 by [email protected]: HTML extensions to String.prototype shouldn’t escape ', < and > in argument values; only "
http://code.google.com/p/v8/issues/detail?id=2217
(In other words, remove the XSS risk even if you can't ensure perfect functionality).
-- v8-dev mailing list [email protected] http://groups.google.com/group/v8-dev
