Lightview:Tutorial:Sanitizing and Escaping HTML

## Sanitizing and Escaping HTML Lightview "sanitizes" templates before attempting to resolve them by making suspicious code unparseable. The result is that the template will simply not be replaced in the component. If resolution is successful and the target node is an HTMLElement or Attr, it takes the result of the template interpolation and escapes all HTML characters before inserting the value into the DOM. If the target node is a TextNode, no escaping is conducted because it is not needed. The DOM will not try to treat the content of a text node like it is HTML, even if it looks like HTML. Surprisingly, most of the time, the target will be a TextNode. Note that the only successful substitutions in the REPL are for the button label and the value of `test` plus 1. See the API documentation on [Lightview.sanitizeTemplate](../api.html#sanitizeTemplate) and [Lightview.escapeHTML](../api.html#escapeHTML). This concludes the tutorial. Feel free to post questions to the GitHub issues page.

Test:${test + 1}

Test:"+(test++)+"