#10912: firstof template tag should autoescape variables
--------------------------------------+-------------------------------------
Reporter: andrewbadr | Owner: andrewbadr
Status: new | Milestone:
Component: Template system | Version: 1.0
Resolution: | Keywords:
Stage: Unreviewed | Has_patch: 1
Needs_docs: 0 | Needs_tests: 0
Needs_better_patch: 0 |
--------------------------------------+-------------------------------------
Changes (by andrewbadr):
* needs_better_patch: => 0
* needs_tests: => 0
* needs_docs: => 0
Comment:
My expected behavior for Django is: The results of all template tags
should be escaped unless marked safe. For builtin templatetags that return
safe strings, this should include escaping any variables involved in
rendering that template tag.
The included patch solves locally what I see as part of a bigger problem.
--
Ticket URL: <http://code.djangoproject.com/ticket/10912#comment:1>
Django <http://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en
-~----------~----~----~----~------~----~------~--~---
