Y
Hacker News
new
|
ask
|
show
|
jobs
by
pigbearpig
1351 days ago
That seems pretty unsafe without running it through some sanitizer. Trying not to judge too hard, but I would be concerned about the implementation of showHtmlPage by the same author that didn't handle non-json responses.
1 comments
ValCanBuild
1351 days ago
Hey, OP here - I'm open to advice about how best to handle this! I'm currently just opening a new window and writing the HTML to it.
What's the safest way to handle this? Open it in an iframe?
link
What's the safest way to handle this? Open it in an iframe?