What's Changed
- add
Escape::htmlJsonAttr()
to escape data serialized to HTML attribute, - remove protection for innerHTML mXSS vulnerability (nette/nette#1496),
- improve compatibility with JS binding (syntax of
{{ variables }}
in JS templates) - small improves
Full Changelog: v1.9.5...v1.10.0