Options
All
  • Public
  • Public/Protected
  • All
Menu

A value that's interpolated directly into the template before parsing.

Static values cannot be updated since they don't define a part and are effectively merged into the literal part of a lit-html template. Because they are interpolated before the template is parsed as HTML, static values may occupy positions in the template that regular interpolations may not, such as tag and attribute names.

UnsafeStatic values are inherently very unsafe, as the name states. They can break well-formedness assumptions and aren't escaped, and thus a potential XSS vulnerability if created from user-provided data.

It's recommended that no user templates ever use UnsafeStatic directly, but directive-like functions are written by library authors to validate and sanitize values for a specific purpose, before wrapping in an UnsafeStatic value.

An example would be a tag() directive that lets a template contain tags whose names aren't known until runtime, like:

html`<${tag(myTagName)}>Whoa</${tag(MyElement)}>`

Here, tag() should validate that myTagName is a valid HTML tag name, and throw if it contains any illegal characters.

Hierarchy

  • UnsafeStatic

Index

Constructors

Properties

Constructors

constructor

Properties

value

value: unknown

Generated using TypeDoc