#8959 closed (fixed)
Remove calls to escape in new comments framework templates
Reported by: | Jarek Zgoda | Owned by: | Adrian Holovaty |
---|---|---|---|
Component: | contrib.comments | Version: | master |
Severity: | Keywords: | ||
Cc: | Triage Stage: | Accepted | |
Has patch: | yes | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | UI/UX: |
Description
As autoescaping is in place with current Django, escaping values in templates is not necessary. Attached patch fixes this.
Attachments (1)
Change History (6)
Changed 10 years ago by
Attachment: | contrib-comments-escaping.diff added |
---|
comment:1 Changed 10 years ago by
Triage Stage: | Unreviewed → Design decision needed |
---|
True, but I don't see anything wrong with keeping it on. It's better to be safe than never. Marking it DDN for some core-devs to comment on this.
comment:3 Changed 10 years ago by
Owner: | changed from nobody to Adrian Holovaty |
---|---|
Status: | new → assigned |
Triage Stage: | Design decision needed → Accepted |
It's worth removing those unnecessary "escape" filters, given that they're redundant and cause a slight be of extra overhead. I will review and check in the patch.
comment:4 Changed 10 years ago by
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
Note: See
TracTickets for help on using
tickets.
Removing calls to escape in templates