Escape Attributes
Source: developer.chrome.com
Published:
<p>On May 20, 2025, the HTML specification was updated to escape in attributes, helping prevent mutation XSS (mXSS) vulnerabilities. This change landed in Chrome 138, which was to Beta on May 28, 2025, and will become Stable on June 24, 2025.</p> <p>This post details the impact of the HTML attribute