This repository was archived by the owner on Apr 7, 2024. It is now read-only.
This repository was archived by the owner on Apr 7, 2024. It is now read-only.
Escape all values in HTML #98
Description
I don't know if you want to but it might be worth having EJS escape all output just as a precaution to avoid any potential XSS issues.
The code looks safe but escaping all output would prevent any issues if some user input did accidentally sneak in. I can create a PR for it if you want to do it.