Sadly this was nicer in Twirl, because *safe* string interpolation was
happening more naturally in templates. This example allows no XSS,
guaranteed by types:
@embedJs {
var foo = { "bar": @{safeJsonValue(jsObj)} };
}
Equivalent with scalatags:
embedJs(frag(
raw("""var foo = { "bar": """), jsObj.toJsonFrag, raw(" }; ")
))
This is so ugly that it's used nowhere. Just unsafe string interpolation
everywhere:
embedJsUnsafe(s"""var foo = { "bar": ${safeJsonValue(jsObj)} };""")
Note that this would compile fine without safeJsonValue, but would be
an XSS vulnerability.