12Şub
Vue HTML escape
I have done a code scan and fail to understand whether there is a real problem. For both cases I get "Vue HTML escaping is disabled.".
- Case 1:
<a :href="return.url">doesn't this simply embed the value ofreturn.url? Is this vulnerable to a XSS? - Case 2:
<span v-html="htmlTemp">I read in the Vue.js documentation thatv-htmlis potentially dangerous.
How would I mitigate it?
