On 30.09.2010 16:35, Jordi Boggiano wrote: > On 30.09.2010 16:25, Miha Vrhovnik wrote: >> I don't know if the case is same as in Dwoo, where with |safe you >> negate the default escape setting. >> e.g if escape is set to true |safe means DO NOT escape. and if escape >> is set to false it means DO escape... > > It is the same as in Dwoo at the moment, and both have taken it from > Django I believe, so you could argue keeping "safe" is good for people > with Django knowledge etc, but I agree |raw makes more sense.
Err.. it's the same as in Dwoo, but afaik neither dwoo nor twig (not sure about twig do escape if you do call safe on a var and the auto-escaping is disabled. It just disables escaping, you should not rely on it to escape variables (there's escape for that). But I guess your confusion proves the point that we should rename that safe into raw :) -- Jordi Boggiano @seldaek :: http://seld.be/ -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
