Hi, I'm starting to use Mason2 on new projects, and in the whole I think the changes from HTML::Mason were extremely positive.
There is one aspect that bothers me: by default, substitution tags do not perform a HTML escape filter. I think this is a dangerous default, and forces me (let's ignore for now the DefaultFilter plugin) to include | h on the vast majority of my substitutions. I was wondering why such decision was made. I read through the CAVEATS section of the Mason::Plugin::DefaultFilter documentation, and while I concede that a default filter configuration like Mason1 default_escape_flags is action-at-the-distance (and that is bad), I find that the default is even worse. For now I'm using the DefaultFilter plugin. It saves me a lot of typing and I believe it to be worth it, so my "problem" is solved. But I would like to understand why the decision of not doing HTML escape was taken. My point of view is that a | raw is more obvious and easier to grep for than the lack of a | h on the elements that actually don't need the escaping. Thanks in advance for you time, -- Pedro Melo @pedromelo http://www.simplicidade.org/ http://about.me/melo xmpp:m...@simplicidade.org mailto:m...@simplicidade.org ------------------------------------------------------------------------------ Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-dev2 _______________________________________________ Mason-users mailing list Mason-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/mason-users
