defmodule EExHTML do @moduledoc ~S""" Extension to Embedded Elixir (EEx), part of the standard library, that allows content to be safely embedded into HTML. iex> title = "EEx Rocks!" iex> content = ~E"

<%= title %>

" %EExHTML.Safe{data: [[[[] | "

"], "EEx Rocks!"] | "

"]} iex> "#{content}" "

EEx Rocks!

" iex> title = " \"\"\" Use `javascript_variables/1` for injecting variables into any JavaScript environment. **DO THIS** ~E\"\"\" <%= javascript_variables name: "Cynthia" %> \"\"\" #### Raw content **Data supplied by the user or other external source should never be considered safe. The assumption that user data is safe is the source of [Cross-Site Scripting(XSS)](https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)) attacks.** There some cases where data is safe and you want to use the raw content in a template. iex> title = " """ end {:error, :nofile} -> def javascript_variables(_variables) do raise "`javascript_variables/1` requires the Jason encoder, add `{:jason, \"~> 1.0.0\"}` to `mix.exs`" end end end