Files
react/scripts
Sebastian Markbage db489a4ade Only do runtime validation of tag names when createElement is not used
We introduced runtime validation of tag names because we used to generate
HTML that was supposed to be inserted into a HTML string which could've
been an XSS attack.

However, these days we use document.createElement in most cases. That
already does its internal validation in the browser which throws. We're now
double validating it. Stack still has a path where innerHTML is used and
we still need it there. However in Fiber we can remove it completely.
2016-12-13 14:53:36 -08:00
..
2016-04-07 17:30:23 -07:00
2016-09-12 21:58:00 +03:00
2016-11-08 20:20:46 +00:00
2016-12-07 16:04:47 -08:00
2013-09-09 23:42:54 -07:00