turn on autoescape in Jinja2 #9
Comments
|
I'd rather leave it the default, but document how to turn it on if you want it. Could/should also serve to document how, in general, to tweak renderers. |
|
The difference in our case is that we're almost exclusively HTML/XML in context. Jinja2 might be used for email, but aspen-jinja2 is almost certainly being used for HTML. |
|
aspen-jinja2 should be able to determine what it's being used for (via the Content-Type) and thus whether or not it's appropriate to turn on the autoescape. |
|
I have a branch ready for this, waiting for the next Aspen release. |
Changaco
added a commit
that referenced
this issue
Feb 18, 2015
Merged
Changaco
added a commit
that referenced
this issue
Apr 3, 2015
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Jinja2 sez autoescape is bad, but I disagree. See gratipay/gratipay.com#722 for discussion.
The text was updated successfully, but these errors were encountered: