Point of order: Jinja2 does now have autoescaping ( http://jinja.pocoo.org/docs/extensions/#autoescape-extension)
Do not take this as any opinion on the matter On 12 February 2014 21:34, Donald Stufft <[email protected]> wrote: > Crate had one, i'd have to pull it out but it was a pretty simple > template. The sticking > point was it had a 30k item loop which was significantly faster in Jinja2. > > On Feb 12, 2014, at 4:25 PM, Curtis Maloney <[email protected]> > wrote: > > At this point someone should start asking for real-world examples with > measurements. > > I'm personally of the "let's see if we can improve DTL first, then revisit > the question" stance. > > But in order to show any improvements, we must have timings for the > current tool. > > Can people who've suffered slowness please donate fragments of template > they've found particularly slow? > > > > On 12 February 2014 21:29, Gwildor Sok <[email protected]> wrote: > >> There are a few problems with Christian's assumptions: >> >> * Not everyone uses a JS Framework. Personally, we use a lot of static >> pages, and when we do want to do some fancy stuff, we use >> pjax<https://github.com/defunkt/jquery-pjax>to replace content on the page, >> but in the backend this is still done by >> rendering a full template through a Django view. >> > > We run a hybrid side, and fairly high traffic [7k req/min is a fairly > typical] and I've yet to find a major template performance issue that > didn't turn out to be a DB hit hiding in an object, or similar. > > That's not to say I don't think it can be faster... > > >> * The templating language is also used for small stuff, and the switch to >> Jinja would enable using the templating language for even more stuff. The >> biggest issue that comes to mind are template-based >> widgets<https://code.djangoproject.com/ticket/15667> >> . >> >> Actually, django-sniplates and django-formulation both allow using > another template as a "bag of macros". I'm also working on a "just macros" > rework of the idea. formulation even has a "reuse" tag so you can define > template macros [using blocks] within your template. > > >> Personally, I'm in favor of switching to Jinja. The speed bonus and the >> ability to call functions with arguments are great features for me. >> > > I guess it's time I finally write my "What should I pass in the Context" > blog post... to point out that your designers are [usually] not coders, and > shouldn't have to understand your data structures or schema. Whilst in > some ways perhaps excessively, DTL does make you consider your data > structures. > > >> One downside I can think of is that Jinja does not escape variables by >> default, which might become a XSS security issue. >> > > That's quite a large downside! > > -- > Curtis > > > -- > You received this message because you are subscribed to the Google Groups > "Django developers" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at http://groups.google.com/group/django-developers. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-developers/CAG_XiSBmOU%3D4orZnW13bw-ZLT_O416unynhtnQ9%3DhgPtL9Bbtw%40mail.gmail.com > . > For more options, visit https://groups.google.com/groups/opt_out. > > > > ----------------- > Donald Stufft > PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 > DCFA > > -- You received this message because you are subscribed to the Google Groups "Django developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/CAMwjO1GCQG1q5W_BmU%3DNTA0zmydnTuhVH%3DFrtdDR-kXVSLTZ8Q%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
