[dancer-users] Best practice to escape HTML entities in Dancer2 and TT
Scott H
scott.harpster at gmail.com
Tue Feb 20 18:40:00 GMT 2018
Looking into what your asking, have you tried this:
https://metacpan.org/pod/Dancer2::Template::TemplateToolkit
Go to Advanced Customizations and you'll see how to create a subclass
module to return $tt. Have you tried this method?
-Scott
On Tue, Feb 20, 2018 at 1:47 AM, Lutz Gehlen <lrg_ml at gmx.net> wrote:
> Hi Warren,
>
> thank you for your reply and your research on the escaping plugins.
>
> On Monday, 19.02.2018 10:59:19 Warren Young wrote:
> > Since you seem to have an itch here, how about you port the
> > plugin? Then you get the software you want. You’ve got
> > preexisting code on both sides to work with: the source plugin
> > and many examples of existing D2 plugins to aid in the
> > translation.
>
> Yes, maybe porting the plugin is the way to go. However, part of my
> intention in raising this topic on the list was to find out whether a
> port of Dancer::Plugin::EscapeHTML actually _is_ the software I
> really want. What made me think was that nobody has done it so far
> as a solution to what I believed to be a standard problem.
>
> Furthermore, the documentation of Dancer::Plugin::EscapeHTML states:
> "If you're using Template Toolkit, you may wish to look instead at
> Template::Stash::EscapeHTML which takes care of this reliably at the
> template engine level, and is more widely-used and tested than this
> module."
>
> This supposedly goes along the same line as Shlomi's suggestion of
> Template::Stash::AutoEscaping, but so far I have not figured out how
> to deploy this approach in Dancer.
>
> So to come back to your suggestion of porting
> Dancer::Plugin::EscapeHTML to Dancer2, I will consider it, but need
> to find out more about whether this is the right way to go.
>
> Cheers,
> Lutz
>
> _______________________________________________
> dancer-users mailing list
> dancer-users at dancer.pm
> http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.preshweb.co.uk/pipermail/dancer-users/attachments/20180220/5d6f95af/attachment.html>
More information about the dancer-users
mailing list