From 0e3a92ee2a9bcbbd6e23d515c0bb371f1b139ffe Mon Sep 17 00:00:00 2001
From: Tyler Akins <fidian@rumkin.com>
Date: Wed, 24 Jul 2024 14:32:22 -0500
Subject: [PATCH] Force attributes to be properly encoded strings

---
 src/index.ts | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/index.ts b/src/index.ts
index ce5c6ed..d78164a 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -164,7 +164,13 @@ export class Cona extends HTMLElement {
                 : currentValue;
 
             valueString = key;
-          } else valueString = JSON.stringify(currentValue);
+          } else {
+              valueString = `${currentValue}`;
+              for (const letter of '&\'"<>\r\n'.split('')) {
+                  valueString = valueString.replaceAll(letter, `&#${letter.charCodeAt(0)};`);
+              }
+              valueString = `"${valueString}"`;
+          }
         } else if (Array.isArray(currentValue)) {
           valueString = currentValue.join("");
         }