From 4b234fc6c9a784949328c10c9a69cdfa35d233fc Mon Sep 17 00:00:00 2001 From: abdullhakim-sami <132011567+abdullhakim-sami@users.noreply.github.com> Date: Wed, 18 Jun 2025 15:08:33 +0300 Subject: [PATCH 1/2] Update element.gleam --- sketch_lustre/src/sketch/lustre/element.gleam | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/sketch_lustre/src/sketch/lustre/element.gleam b/sketch_lustre/src/sketch/lustre/element.gleam index 89e19c6..3f69df6 100644 --- a/sketch_lustre/src/sketch/lustre/element.gleam +++ b/sketch_lustre/src/sketch/lustre/element.gleam @@ -1,8 +1,10 @@ //// This module is a drop-in replacement for `lustre/element`. Just //// use the new functions, and everything will automagically be styled. +import gleam/function import lustre/attribute.{type Attribute} import lustre/element as el +import lustre/vdom/vnode import sketch import sketch/css import sketch/lustre/internals/global @@ -24,6 +26,35 @@ pub const text = el.text /// [Lustre Documentation](https://hexdocs.pm/lustre/lustre/element.html#map) pub const map = el.map +/// A function for constructing a wrapper element with custom raw HTML as its +/// content. Lustre will render the provided HTML verbatim, and will not touch +/// its children except when replacing the entire inner html on changes. +/// +/// > **Note:** The provided HTML will not be escaped automatically and may expose +/// > your applications to XSS attacks! Make sure you absolutely trust the HTML you +/// > pass to this function. In particular, never use this to display un-sanitised +/// > user HTML! +/// +pub fn unsafe_raw_html( + namespace namespace: String, + tag tag: String, + class class: css.Class, + attributes attributes: List(Attribute(msg)), + inner_html inner_html: String, +) -> Element(msg) { + let class_name = class_name(class) + let attributes = [attribute.class(class_name), ..attributes] + + vnode.unsafe_inner_html( + key: "", + namespace:, + tag:, + mapper: function.identity, + attributes:, + inner_html:, + ) +} + /// [Lustre Documentation](https://hexdocs.pm/lustre/lustre/element.html#element) pub fn element( tag tag: String, From d028e6bd9baf64dcd4c252899449165431cbc70c Mon Sep 17 00:00:00 2001 From: p2p-notes Date: Wed, 9 Jul 2025 14:10:44 +0300 Subject: [PATCH 2/2] add unsafe_raw_html --- sketch_lustre/src/sketch/lustre/element.gleam | 21 ++----------------- 1 file changed, 2 insertions(+), 19 deletions(-) diff --git a/sketch_lustre/src/sketch/lustre/element.gleam b/sketch_lustre/src/sketch/lustre/element.gleam index 3f69df6..7486bc2 100644 --- a/sketch_lustre/src/sketch/lustre/element.gleam +++ b/sketch_lustre/src/sketch/lustre/element.gleam @@ -1,10 +1,8 @@ //// This module is a drop-in replacement for `lustre/element`. Just //// use the new functions, and everything will automagically be styled. -import gleam/function import lustre/attribute.{type Attribute} import lustre/element as el -import lustre/vdom/vnode import sketch import sketch/css import sketch/lustre/internals/global @@ -26,15 +24,7 @@ pub const text = el.text /// [Lustre Documentation](https://hexdocs.pm/lustre/lustre/element.html#map) pub const map = el.map -/// A function for constructing a wrapper element with custom raw HTML as its -/// content. Lustre will render the provided HTML verbatim, and will not touch -/// its children except when replacing the entire inner html on changes. -/// -/// > **Note:** The provided HTML will not be escaped automatically and may expose -/// > your applications to XSS attacks! Make sure you absolutely trust the HTML you -/// > pass to this function. In particular, never use this to display un-sanitised -/// > user HTML! -/// +/// [Lustre Documentation](https://hexdocs.pm/lustre/lustre/element.html#unsafe_raw_html) pub fn unsafe_raw_html( namespace namespace: String, tag tag: String, @@ -45,14 +35,7 @@ pub fn unsafe_raw_html( let class_name = class_name(class) let attributes = [attribute.class(class_name), ..attributes] - vnode.unsafe_inner_html( - key: "", - namespace:, - tag:, - mapper: function.identity, - attributes:, - inner_html:, - ) + el.unsafe_raw_html(namespace, tag, attributes, inner_html) } /// [Lustre Documentation](https://hexdocs.pm/lustre/lustre/element.html#element)