Actually I was not aware of built-in | html escaping. Where is the documentation for that? Or better yet where exactly is that built-in? Is that a catalyst method or TT? Now the authors question makes A LOT more sense. I guess I must be doing things the 1999 way.
Thanks, ------------------------------------------ Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.com ------------------------------------------ -----Original Message----- From: J. Shirley [mailto:[email protected]] Sent: Thursday, April 01, 2010 10:35 AM To: The elegant MVC web framework Subject: Re: [Catalyst] Views and escaping HTML On Thu, Apr 1, 2010 at 10:27 AM, Mesdaq, Ali <[email protected]> wrote: > You prefer global escaping to escaping in the template? I use the TT plugin > for escaping > > [% USE HTML %] > [% HTML.escape(needs.escaping) %] > > An idea that might work for you would be if you structure your data in the > stash and create your templates generically looking for data in specific > stash locations you could accomplish what you want with very little work > (potentially) something like: > > [% USE HTML %] > <title>[% data.title %]</title> > <h1>[% HTML.escape(data.escape.something) %]</h1> > > Not sure if that would work for you > Why would you use the HTML plugin rather than just the built-in | html and | uri filters? The HTML plugin gives you HTML generation, using it for filtering seems redundant. PS., adding a template_class would be great... I'd love to have global escaping in a few apps. -J _______________________________________________ List: [email protected] Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[email protected]/ Dev site: http://dev.catalyst.perl.org/ Protected by Websense Hosted Email Security -- www.websense.com _______________________________________________ List: [email protected] Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[email protected]/ Dev site: http://dev.catalyst.perl.org/
