by furstenheim 701 days ago
There's another one that works 100% of the time.

Do client-side rendering. Send HTML, then query the backend for content. Something like p.textContent = ... It's safe.

It's pretty much the same as what a prepared statement does in SQL: send data and code in different channels.
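The pattern the comment describes, as an added example that is not part of the original comment or of any project: a static HTML shell with no user data in it, a JSON endpoint as the data channel, and a client that assigns the fetched value to `textContent`. All function names (`serverShell`, `apiResponse`, `renderComment`, `serverSideTemplate`) and the `FakeElement` stand-in for a DOM node are assumptions made for this example so it runs under Node; in a browser you would use `document.getElementById` and `fetch` instead.

```javascript
// Added example, not code from the HN comment. Names below are assumed.

// Server side: the shell is developer-authored markup only, so nothing in it
// can be influenced by a user. This is the "code channel".
function serverShell() {
  return '<!doctype html><html><body><p id="comment"></p></body></html>';
}

// Server side: user data leaves on a separate channel as JSON. It is never
// spliced into markup, so there is nothing for the HTML parser to misread.
function apiResponse(commentBody) {
  return JSON.stringify({ body: commentBody });
}

// For contrast, the classic string-templated server render that the comment
// avoids: data and code are mixed in one string, like concatenating SQL.
function serverSideTemplate(commentBody) {
  return '<p id="comment">' + commentBody + '</p>';
}

// Client side: parse the JSON and hand the value to textContent. The browser
// creates a text node; the string is never run through the HTML parser.
// (In a browser: renderComment(document.getElementById('comment'), await res.text()))
function renderComment(el, json) {
  el.textContent = JSON.parse(json).body;
}

// Minimal stand-in for a DOM element so this file runs under Node (assumed
// helper, not a real DOM). A real element's innerHTML getter re-serialises a
// text node with &, < and > escaped, which is what the getter below mimics.
function escapeHtml(s) {
  return s.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
}

class FakeElement {
  constructor() { this._text = ''; }
  set textContent(s) { this._text = String(s); }
  get textContent() { return this._text; }
  get innerHTML() { return escapeHtml(this._text); }
}

// Constructed test input: a typical markup-injection probe.
const PAYLOAD = '<img src=x onerror=alert(1)>';

// Run both paths on the same payload and return what each one produces.
function demo() {
  const el = new FakeElement();
  renderComment(el, apiResponse(PAYLOAD));
  return {
    shellContainsPayload: serverShell().includes(PAYLOAD),
    safeMarkup: el.innerHTML,                 // payload survives only as escaped text
    unsafeMarkup: serverSideTemplate(PAYLOAD) // payload becomes a live <img> element
  };
}

console.log(demo());
```

The guarantee only holds for the `textContent` sink. If the same JSON value is assigned to `innerHTML`, used to build an `href` (where a `javascript:` URL is still a URL, not markup), or placed in an inline event handler, the data has crossed back into a code channel and the prepared-statement analogy no longer applies.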