💼 This rule is enabled in the 📋 template-lint-migration config.
Usage of triple curly braces to allow raw HTML to be injected into the DOM is a large vector for exploits of your application (especially when the raw HTML is user-controllable). Instead of using {{{foo}}}, you should use appropriate helpers or computed properties that return a SafeString (via Ember.String.htmlSafe generally) and ensure that user-supplied data is properly escaped.
This rule forbids the following:
<template>
{{{foo}}}
</template>This rule allows the following:
<template>
{{foo}}
</template>- See the documentation for Ember's
htmlSafefunction