Hacker News new | ask | show | jobs
by open-paren 1872 days ago 

  > (new Sanitizer()).sanitizeToString(`<sc<script>ript>alert('XSS')</sc</script>ript>`)
  "ript&gt;alert('XSS')ript&gt;"