This repository was archived by the owner on Dec 2, 2022. It is now read-only.
This repository was archived by the owner on Dec 2, 2022. It is now read-only.
Turn on autoescaping in jinja templates #9
Description
turning jinja2's autoescape mode on would solve a common problem. Many people were doing something like <p>{{movie.owner}} watched ...</p>. Because movie.owner is an instance of User, it prints out something like <User .. >.
The browser parses that as an html entity, so it doesn't display anything (unless you click view-source). It would be much easier for students to see what was going on if it printed out <User ..>. Plus, it's good practice to have autoescape on anyway.
Metadata
Metadata
Assignees
Labels
No labels