Opened 18 months ago

Closed 18 months ago

Last modified 18 months ago

#34577 closed New feature (fixed)

New template filter `escapeseq`

Reported by: Natalia Bidart Owned by: Arthur Moreira
Component: Template system Version: dev
Severity: Normal Keywords:
Cc: Triage Stage: Ready for checkin
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: yes UI/UX: no

Description

Following #34574, and after some conversations within the security team, it seems appropriate to provide a new template filter escapeseq which would be to escape what safeseq is to safe. An example of usage would be:

{{ some_list|escapeseq|join:"," }}

where each item of some_list is escaped before applying the join operation. This usage makes sense in a context where autoescape is off.

Change History (8)

comment:1 by Mariusz Felisiak, 18 months ago

Triage Stage: UnreviewedAccepted

comment:2 by Mariusz Felisiak, 18 months ago

Easy pickings: set

comment:3 by Arthur Moreira, 18 months ago

Owner: changed from nobody to Arthur Moreira
Status: newassigned

comment:4 by Arthur Moreira, 18 months ago

Has patch: set

comment:5 by Mariusz Felisiak, 18 months ago

Patch needs improvement: set

Per David's comments.

comment:6 by Mariusz Felisiak, 18 months ago

Patch needs improvement: unset
Triage Stage: AcceptedReady for checkin

comment:7 by Mariusz Felisiak <felisiak.mariusz@…>, 18 months ago

Resolution: fixed
Status: assignedclosed

In 061a8a1b:

Fixed #34577 -- Added escapeseq template filter.

comment:8 by Mariusz Felisiak <felisiak.mariusz@…>, 18 months ago

In 881cc13:

Refs #34574, Refs #34577 -- Mentioned escapeseq filter in escape/autoescape docs.

Note: See TracTickets for help on using tickets.
Back to Top