Skip to content

Add verifiedInnerHtml#78

Open
cornusandu wants to merge 3 commits into
NotValra:mainfrom
cornusandu:patch-x6
Open

Add verifiedInnerHtml#78
cornusandu wants to merge 3 commits into
NotValra:mainfrom
cornusandu:patch-x6

Conversation

@cornusandu

Copy link
Copy Markdown
Contributor

Overview

Added verifiedInnerHtml, a safer way of using hardcoded innerHtml.

Simply add innerHTML values to public/Assets/data/innerHtmlList.toml, and you can then use them!

image

Writing innerHTML

There are four syntax features worth noting:

1. Referencing locales

Simply reference a locale by doing [[locale <localeKey>]].

Example: [[locale status.trusted.warning]]

2. Referencing other innerHTML keys

Reference another innerHTML key by doing [[innerhtml <key>]].

Example: [[innerhtml some.other.key]]

Note

If two innerHTML keys reference eachother, the parser will resolve this by replacing one with (unbounded reference loop).

3. Named Variables

Simple enough: {{namedVariable}}

Caution

Using a variable this way will not automatically sanitise it.

4. Untrusted Named Variables

Syntax: {{{namedVariable}}}

These variables get passed through safeHTML() before being used.

Using verifiedInnerHtml

For demonstration, I will be showing how to use verifiedInnerHtmlSync.

Assuming you have a key status.trusted.disclaimer that requires a variable with the user's description (completely hypothetical scenario), you would do:

verifiedInnerHtmlSync().status.trusted.disclaimer({description: someValue});

The innerhtml key can itself choose to sanitise description by using it as {{{description}}} instead of {{description}}.

If there are no variables, you can just do:

verifiedInnerHtmlSync().status.trusted.disclaimer();

For async, do:

(await verifiedInnerHtml).status.trusted.disclaimer();

About linter errors

The verifiedInnerHtml feature is ignored by the linter.

@cornusandu cornusandu marked this pull request as ready for review May 12, 2026 17:15
@rav4toy

rav4toy commented May 13, 2026

Copy link
Copy Markdown
Contributor

this would be great

@cornusandu

Copy link
Copy Markdown
Contributor Author

this would be great

Hi, I can't tell if this is sarcasm or not (text tends to lack emotions), but this was proposed as means of replacing hardcoded innerHTML inside JavaScript files, while including QoL features such as easier sanitisation of variables, referencing locales easily, or referencing other innerHTML keys (if needed).

@rav4toy

rav4toy commented May 13, 2026

Copy link
Copy Markdown
Contributor

no sarcasm behind my comment, as i said it would be great

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants