thanks for your answer. Problem is when I use sanitize then the output is
var filterSettings = {"section":
"</script><iframe>;
which is not valid js because the attribute quotes should not be escaped
btw, I'm using web2py 2.12.3 - maybe that's fixed/improved in future
versions? or am I doing something wrong?
On Monday, April 15, 2019 at 7:50:30 PM UTC+2, Leonel Câmara wrote:
>
> Change it to:
>
> <script type="text/javascript">
> var filterSettings = {{=XML(filter_settings, sanitize=True)}};
> </script>
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
