#17419: JSON template tag
-----------------------------------+---------------------------------------
Reporter: lau | Owner: nobody
Type: New feature | Status: new
Component: Template system | Version: 1.4-alpha-1
Severity: Normal | Resolution:
Keywords: json template tag | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 1
Easy pickings: 1 | UI/UX: 0
-----------------------------------+---------------------------------------
Changes (by aaugustin):
* needs_better_patch: 0 => 1
Comment:
I don't believe marking the output as safe by default is the right thing
to do.
Not everyone adds CDATA markers to its <script> tags. Actually, most
frontend devs I've worked with don't.
I'd prefer `{{ data|json|safe }}` within CDATA sections and `{{ data|json
}}` everywhere else, because security should be on be default.
--
Ticket URL: <https://code.djangoproject.com/ticket/17419#comment:5>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com.
To unsubscribe from this group, send email to
django-updates+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en.
