Opened 15 years ago
Closed 15 years ago
#9755 closed (wontfix)
"semisafe" filter
| Reported by: | while0pass | Owned by: | nobody |
|---|---|---|---|
| Component: | Template system | Version: | 1.0 |
| Severity: | Keywords: | safe semisafe filter | |
| Cc: | Triage Stage: | Unreviewed | |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
It would be good to have "semisafe" filter within django template system. It is aimed at combining acceptable SECURITY and good web-TYPOGRAPHY. It would be like "safe" filter with the exception that html-instances like " " or "—" would be processed without escaping. I mean it must escape all html tags (that is structural markup), but keep intact all that only inended to represent characters in a text. Better still, we have "semisafe" filter with the default behaviour like that described above and other behaviour controlled with options. With options we could allow some tags or tag lists for instance like <em>, <sub>, <sup> or other inline ones. It is possible to think out different levels for semisafe filter. Each level could embrace some additional tag group.
This is way, way, way out of scope for Django; if you need this functionality, consider writing a filter which allows what you want to allow (and encouraging others to use it or adapt it to their own needs, which will almost certainly vary).