On 19 Jun 2006, at 21:00, [EMAIL PROTECTED] wrote:
> anyway, i suppose i will wait for you to elaborate on your > reasoning in > the wiki this evening. :) I've written up a proposal for how we can implement auto escaping while hopefully keeping most people happy: http://code.djangoproject.com/wiki/AutoEscaping It incorporates stuff from a whole bunch of prior discussions. In my opinion the most important aspect is the use of special escapedstr and escapedunicode subclasses to mark a string as having been already escaped, meaning that the auto escaping mechanism knows if it should kick in to action or not. This should also avoid double escaping, and allow a decent level of finely grained control over the escaping mechanism. I'd like to get a branch going to explore this stuff properly. From messing around with my own local code it seems like it should all work, but there's a bunch of work that needs to be done to make existing Django filters and templates auto escape compliant. Cheers, Simon --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-developers -~----------~----~----~----~------~----~------~--~---
