AFAIK, HTML escaping is done by using 'h' filter. Like this:
${'<html></html>' | h} will render '<html></html>'
Sorry, don't know about auto-closing HTML tags.. I guess there's no such
functionality in Mako by default, but you can use some filter just like HTML
escaping one.
On 5/6/07, Qiangning Hong <[EMAIL PROTECTED]> wrote:
>
>
> I'm porting from genshi to mako for my blog application, and found two
> important features lack in mako:
>
> 1. auto html escaping. I must escape explicitly in mako to avoid XSS
> attack. It's error-prone, but i can live with that.
> 2. auto close open tags in HTML. In genshi, HTML() function will
> close open tags automatically. e.g. HTML('<i>asdf') will produce
> '<i>asdf</i>'. It can avoid users' input to mess up with the page
> layout, that's very important for a system allowing users to input
> html directly.
>
> Is there an equivalent in mako?
>
>
> >
>
--
WBR, Dan Korostelev
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To post to this group, send email to pylons-discuss@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en
-~----------~----~----~----~------~----~------~--~---
