Malcolm Tredinnick wrote:
> On Sun, 2006-07-16 at 21:30 +0200, Michael Radziej wrote:
>> I'm more for 'escaped' and 'raw', but not really violently. This is a
>> minor issue, and I wouldn't like to get the work delayed by it.
>> Also ... I volunteer to rewrite the docs if these terms change. But
>> only once ;-)
>
> "Escaped" strikes me as bogus because it's not really the case: we are
> just saying this output can be dumped in without further escaping.
I see your point, you're right. But 'safe' still isn't necessary
safe, I can perfectly mark unsafe strings as safe ;-)
> I thought about "raw" on Saturday and wondered if it would lead to
> confusion: is a raw string "untreated" or "should not be treated
> further" (we intend the latter).
Interesting ... I was sure for everybody it meant the first one,
along the line 'still needs cooking'. Wellllll ... seems not to work.
I'd have lots of other ideas, but feel this is getting too far.
How about brainstorming this on irc? Perhaps suggest a time that
suits you.
>> I think so. Is there a case for escaping two times? I don't see any,
>> and one could still easily craft a custom filter that does escape two
>> times.
>
> Damn. Your phrasing tipped me off to a case we need this more: RSS feeds
> and Atom content elements with type="html". :-(
Hmm, really ... I've not been into RSS or Atoms, so I wasn't
aware. I feel a little stupid about this, now. I assume that
inside the <summary> element you have to escape html?
> We might need a "mark as unsafe" filter for these cases (so that {{ var|
> escape|unsafe|escape }}) works (or just make "escape" not mark the
> string as safe, but I suspect that will have unintended annoying
> side-effects).
Alternatively, you could add a filter that escapes 'safe' strings
once and unsafe strings twice. Call it 'double_escape'. But this
is a minor issue. I'm presently not sure what is better.
Michael
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-developers
-~----------~----~----~----~------~----~------~--~---
