Skip to content

Add Support for {{}} syntax#13

Open
yuichkun wants to merge 6 commits intophanan:masterfrom
yuichkun:master
Open

Add Support for {{}} syntax#13
yuichkun wants to merge 6 commits intophanan:masterfrom
yuichkun:master

Conversation

@yuichkun
Copy link

@yuichkun yuichkun commented Mar 24, 2021
edited
Loading

Summary

Hi, there!

When I posted this issue, I was misunderstanding this library's intention to use v-html rather than the {{}} syntax that vue provides.

I thought it would be nicer if there's an option to use {{}}, as it is safer in terms of XSS attack, which is what Vue.js itself suggests in the docs.

So, this PR intends to add support for such case, while preserving the original behavior of supporting v-html.

Notice:

vue-linkify kind of worked with {{}} syntax even without this PR, but it did have a re-render issue above, so this PR tries to solve that as well :)

Example

With this PR,

<div v-linkified>
      <h2>With new vue-linkify</h2>
       my site: {{ msg }}
</div>

will be converted to

<!-- suppose you provide msg as "https://google.com" -->
<div>
      <h2>With new vue-linkify</h2>
       my site: <a href="https://google.com" class="linkified" target="_blank">https://google.com</a>
</div>

@yuichkun yuichkun mentioned this pull request Mar 24, 2021
Open
@phanan
Copy link
Owner

phanan commented Mar 24, 2021

I'm not too convinced by this additional feature TBH. String interop with {{}} is meant to escape special HTML characters and should be used as such. Also, linkifying in itself means the user should be aware of the implications (XSS attacks).

In short, I don't think the additional code (and with it, maintenance) is worth the extra functionality.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@yuichkun @phanan