secure-handlebars-helpers
This handy client-side script registers the required XSS output filtering functions as handlebars' helpers, and is designed ONLY for templates that already have the context-sensitive filter markup (e.g., <title>{{{yd title}}}</title>
) automatically inserted using secure-handlebars.
Quick Start
Client-side (browser)
Download the latest version at dist/secure-handlebars-helpers.min.js, and embed it after the handlebars script file.
Note: Read more about the underlying output filtering principle at xss-filters.
Contribute
To contribute, you will make changes in src/
and tests/
, followed by the following commands:
$ npm run-script build
to build the standalone JavaScript for client-side use$ npm test
to run the tests
License
This software is free to use under the Yahoo BSD license. See the LICENSE file for license text and copyright information.