defmodule EExHTML do
@moduledoc ~S"""
Extension to Embedded Elixir (EEx), part of the standard library,
that allows content to be safely embedded into HTML.
iex> title = "EEx Rocks!"
iex> content = ~E"
<%= title %>
"
%EExHTML.Safe{data: [[[[] | ""], "EEx Rocks!"] | "
"]}
iex> "#{content}"
"EEx Rocks!
"
iex> title = "
\"\"\"
Use `javascript_variables/1` for injecting variables into any JavaScript environment.
**DO THIS**
~E\"\"\"
<%= javascript_variables name: "Cynthia" %>
\"\"\"
#### Raw content
**Data supplied by the user or other external source should never be considered safe.
The assumption that user data is safe is the source of [Cross-Site Scripting(XSS)](https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)) attacks.**
There some cases where data is safe and you want to use the raw content in a template.
iex> title = "
"""
end
{:error, :nofile} ->
def javascript_variables(_variables) do
raise "`javascript_variables/1` requires the Jason encoder, add `{:jason, \"~> 1.0.0\"}` to `mix.exs`"
end
end
end