Re: [htmltmpl] option to turn ESCAPE=HTML on by default
Brought to you by:
samtregar
Menu
▾
▴
Re: [htmltmpl] option to turn ESCAPE=HTML on by default
|
From: Philip T. <phi...@gm...> - 2005-10-18 11:27:58
|
Sometime Today, AK cobbled together some glyphs to say: > Mike, default_escape can be set to 'URL' or even 'JS' (there's > Javascript escaping in recent HTML::Template too). That's even tested Consider this: If I have some code in my template that needs to be html escaped, and other code that needs to be js escaped, and I want both to be on by default. It makes sense therefore to do this: html_escape => 1, js_escape => 1, foo_escape => 0 Of course, it's pretty hard to figure out which TMPL_VARs need to be escaped in each way. It's also hard to extend this with sanity. Philip -- The sooner our happiness together begins, the longer it will last. -- Miramanee, "The Paradise Syndrome", stardate 4842.6 |
