html-template icon indicating copy to clipboard operation
html-template copied to clipboard
verified publisher icon mpeters

Allow custom escaping

Open oschwald opened this issue 9 years ago • 1 comments

We use HTML::Template in conjunction with an Angular app and would like to escape { when using html escaping to prevent attacks of this sort. To do this, we had to fork HTML::Template. It would be nice if the escaping was customizable, either by allowing the user to pass their own mapping or allowing the user to pass callbacks to use instead of the default escaping code.

oschwald avatar Jan 30 '17 18:01 oschwald

Hi Greg!

Customizable escaping is an often requested feature! If you were to submit a patch or pull request, I'm sure the maintainers would welcome it!

thanks,

-dave

davidkaufman avatar Jan 31 '17 12:01 davidkaufman