[next] Sanitize <py-script> content + deprecate html content (#1663)

pyscript.core/src/core.js

@@ -1,6 +1,7 @@
 import "@ungap/with-resolvers";
 import { $ } from "basic-devtools";
 import { define, XWorker } from "polyscript";
+import { htmlDecode } from "./utils.js";
 
 // this is imported as string (via rollup)
 import display from "./display.py";
@@ -54,7 +55,7 @@ const after = () => {
  * It either throws an error if the 'src' can't be fetched or it returns a fallback
  * content as source.
  */
-const fetchSource = async (tag, io) => {
+const fetchSource = async (tag, io, asText) => {
     if (tag.hasAttribute("src")) {
         try {
             return await fetch(tag.getAttribute("src")).then(getText);
@@ -62,7 +63,15 @@ const fetchSource = async (tag, io) => {
             io.stderr(error);
         }
     }
-    return tag.textContent;
+
+    if (asText) return tag.textContent;
+
+    console.warn(
+        'Deprecated: use <script type="py"> for an always safe content parsing:\n',
+        tag.innerHTML,
+    );
+
+    return htmlDecode(tag.innerHTML);
 };
 
 // common life-cycle handlers for any node
@@ -211,7 +220,7 @@ define("py", {
             defineProperty(element, "target", { value: show });
 
             pyodide[`run${isAsync ? "Async" : ""}`](
-                await fetchSource(element, pyodide.io),
+                await fetchSource(element, pyodide.io, true),
             );
         } else {
             // resolve PyScriptElement to allow connectedCallback
@@ -231,8 +240,8 @@ class PyScriptElement extends HTMLElement {
         if (!this.executed) {
             this.executed = true;
             const { io, run } = await this._pyodide.promise;
-            this.srcCode = await fetchSource(this, io);
-            this.textContent = "";
+            this.srcCode = await fetchSource(this, io, !this.childElementCount);
+            this.replaceChildren();
             run(this.srcCode);
             this.style.display = "block";
         }