On Thu, 2010-11-04 at 19:06 -0700, SmileyChris wrote:
> I too would like to know other's thoughts.
Is there any other core dev who would like to weigh in on this?
Basically, the proposal is to add custom autoescaping, by passing a
callable as a keyword argument to Context.
The problem is that with custom autoescaping we cannot guarantee that
any builtin filters or tags will work correctly. We would have to
document it with a warning something like this:
All of the filters and tags supplied with Django, and with many other
Django apps, assume HTML output and HTML escaping. If you use a
different autoescape function, many of these filters and tags may
be subtly broken with respect to what they output and how they
handle escaping. If you need any builtin tags or filters, the
suggested approach is to check and analyse their implementation
for use with your escaping function, and where necessary create
your own version which works correctly for your use case. Your
version can be added to a library and loaded using {% load %} to
shadow the builtin version.
Luke
--
"I married Miss Right, I just didn't know her first name was
'Always'"
Luke Plant || http://lukeplant.me.uk/
--
You received this message because you are subscribed to the Google Groups
"Django developers" group.
To post to this group, send email to django-develop...@googlegroups.com.
To unsubscribe from this group, send email to
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-developers?hl=en.
