This repository has been archived by the owner on Dec 2, 2022. It is now read-only.
Turn on autoescaping in jinja templates #9
Assignees
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
turning jinja2's autoescape mode on would solve a common problem. Many people were doing something like
<p>{{movie.owner}} watched ...</p>. Becausemovie.owneris an instance ofUser, it prints out something like<User .. >.The browser parses that as an html entity, so it doesn't display anything (unless you click view-source). It would be much easier for students to see what was going on if it printed out
<User ..>. Plus, it's good practice to have autoescape on anyway.The text was updated successfully, but these errors were encountered: