[dancer-users] Best practice to escape HTML entities in Dancer2 and TT

Lutz Gehlen lrg_ml at gmx.net
Mon Mar 19 18:07:19 GMT 2018 

Hey Scott,

sorry for the long silence. After my return I've tried to get this 
solution to work, but so far I've not been successful. I wanted to 
write up my attempts, but got buried in other work, hence the delay. 
I'll reply in more detail later this week.

Cheers,
Lutz


On Tuesday, 13.03.2018 12:51:54 Scott H wrote:
> Did this work?
> 
> On Wed, Feb 21, 2018 at 6:46 AM, Lutz Gehlen <lrg_ml at gmx.net> 
wrote:
> > Hi Scott,
> > 
> > thank you for your reply. This looks exactly like the piece of
> > information I was lacking. I'll be traveling the next couple of
> > days, but I'll certainly try this approach next week.
> > 
> > Cheers,
> > Lutz
> > 
> > On Tuesday, 20.02.2018 11:40:00 Scott H wrote:
> > > Looking into what your asking, have you tried this:
> > > https://metacpan.org/pod/Dancer2::Template::TemplateToolkit
> > > 
> > > Go to Advanced Customizations and you'll see how to create a
> > > subclass module to return $tt. Have you tried this method?
> > > 
> > > -Scott
> > > 
> > > On Tue, Feb 20, 2018 at 1:47 AM, Lutz Gehlen <lrg_ml at gmx.net>
> > 
> > wrote:
> > > > Hi Warren,
> > > > 
> > > > thank you for your reply and your research on the escaping
> > > > plugins.>
> > > > 
> > > > On Monday, 19.02.2018 10:59:19 Warren Young wrote:
> > > > > Since you seem to have an itch here, how about you port
> > > > > the
> > > > > plugin?  Then you get the software you want.  You’ve got
> > > > > preexisting code on both sides to work with: the source
> > > > > plugin
> > > > > and many examples of existing D2 plugins to aid in the
> > > > > translation.
> > > > 
> > > > Yes, maybe porting the plugin is the way to go. However,
> > > > part of
> > > > my intention in raising this topic on the list was to find
> > > > out
> > > > whether a port of Dancer::Plugin::EscapeHTML actually _is_
> > > > the
> > > > software I really want. What made me think was that nobody
> > > > has
> > > > done it so far as a solution to what I believed to be a
> > > > standard problem.
> > > > 
> > > > Furthermore, the documentation of Dancer::Plugin::EscapeHTML
> > > > states: "If you're using Template Toolkit, you may wish to
> > > > look
> > > > instead at Template::Stash::EscapeHTML which takes care of
> > > > this
> > > > reliably at the template engine level, and is more
> > > > widely-used
> > > > and tested than this module."
> > > > 
> > > > This supposedly goes along the same line as Shlomi's
> > > > suggestion
> > > > of Template::Stash::AutoEscaping, but so far I have not
> > > > figured
> > > > out how to deploy this approach in Dancer.
> > > > 
> > > > So to come back to your suggestion of porting
> > > > Dancer::Plugin::EscapeHTML to Dancer2, I will consider it,
> > > > but
> > > > need to find out more about whether this is the right way to
> > > > go.
> > > > 
> > > > Cheers,
> > > > Lutz
> > > > 
> > > > _______________________________________________
> > > > dancer-users mailing list
> > > > dancer-users at dancer.pm
> > > > http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
> > 
> > _______________________________________________
> > dancer-users mailing list
> > dancer-users at dancer.pm
> > http://lists.preshweb.co.uk/mailman/listinfo/dancer-users

More information about the dancer-users mailing list