On Thu, 2010-11-04 at 19:06 -0700, SmileyChris wrote: > I too would like to know other's thoughts.
Is there any other core dev who would like to weigh in on this? Basically, the proposal is to add custom autoescaping, by passing a callable as a keyword argument to Context. The problem is that with custom autoescaping we cannot guarantee that any builtin filters or tags will work correctly. We would have to document it with a warning something like this: All of the filters and tags supplied with Django, and with many other Django apps, assume HTML output and HTML escaping. If you use a different autoescape function, many of these filters and tags may be subtly broken with respect to what they output and how they handle escaping. If you need any builtin tags or filters, the suggested approach is to check and analyse their implementation for use with your escaping function, and where necessary create your own version which works correctly for your use case. Your version can be added to a library and loaded using {% load %} to shadow the builtin version. Luke -- "I married Miss Right, I just didn't know her first name was 'Always'" Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-develop...@googlegroups.com. To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.