lwc
lwc copied to clipboard
salesforce
Move validation of `<style>` contents to compilation
As of #3442, we check for CSS that cannot be inlined into <style> tags (e.g. because it contains the string </style>, which could could cause an XSS vulnerability).
Right now we pay this cost during SSR, but ideally this validation should be done once during compilation, not multiple times during SSR. However, this would be a breaking change, since it could impact existing LEX components (which currently don't need to support SSR).
Another solution would be to find some other solution entirely that doesn't involve validating the <style> contents. (E.g. figuring out a clever way to escape a CSS selector like [attr="</style>"], assuming that this pattern even exists in the wild.)
![git2gus[bot] avatar](https://avatars.githubusercontent.com/in/19654?v=4 "Published by a pub.dev verified publisher"){kind=small}