This is my textarea for editing a blog comment, the textare content is filled using mustache.js:
<textarea name="content">{{content}}</textarea>
Now if the user typed a html tag into his comment - for example he commented </textarea> my text here - the edit textarea content will show </textarea> my text here
But if I change {{content}} to {{{content}}}, the resulting html of the comment content will be something like this:
<textarea name="content"></textarea> my text here</textarea>
Which obviously doesn't work either.
How do I solve this problem? :(
Turns out it was my mistake.
I escaped the string once from server side, and then escaped it again using mustache.
The actual content filled was &lt;, not < thus resulting in a textarea displaying <