[Templates] patch to selectively auto-filter all GETs
Josh Rosenbaum
josh at infogears.com
Fri Nov 16 17:17:14 GMT 2007
E R wrote:
> I developed this patch because I have hundreds of templates which do
> not properly HTML escape insertion of data. The patch allows one to
> use:
>
> [% GETFILTER 'fname' %] ...block... [% END %]
>
> and all GETS within the block will be filtered through the Perl
> function 'fname' before being added to the output buffer. The
> GETFILTER directive is nestable, and you can use them in templates
> invoked with WRAPPER and INCLUDE, etc.
[SNIP]
> [% GETFILTER '::html_escape' %]
> ... lots of HTML that look like <textarea>[% comment %]</textarea>
> [% GETFILTER '' %]
> ... not auto html-escaped...
> [% END %]
> ... back to auto HTML escaping...
> [% END %]
>
> Any comments?
Sounds like an interesting idea. However, I'm not too keen on giving a TT builder access to perl functions. Using standard TT filters would be ok.
-- Josh
More information about the templates
mailing list