ruby-ejs icon indicating copy to clipboard operation
ruby-ejs copied to clipboard
verified publisher icon sstephenson

<%- %> Should mean DON'T escape HTML and <%= %> should mean escape HTML.

Open billmei opened this issue 10 years ago • 1 comments

This library has opposite conventions from what other libraries expect, such as the official NPM version: https://www.npmjs.com/package/ejs . This is also the convention used in Ruby's native erb templates.

Per the Principle of Least Surprise this library should follow the conventions of the more popular libraries that already exist.

billmei avatar Nov 19 '15 23:11 billmei

People who use Google to look this up will also see several responses on Stack Overflow which mention that <%= %> is used for escaping.

Examples:

  • http://stackoverflow.com/questions/16183748/how-to-escape-html-in-node-js-ejs-view
  • http://stackoverflow.com/questions/10326950/render-a-variable-as-html-in-ejs

billmei avatar Nov 19 '15 23:11 billmei