autoEscaping

Auto-Escaping is an important feature of Squirrelly. When it's enabled, every reference without the safe filter will be HTML-escaped, to provide some protection against XSS.

Sqrl.autoEscaping(true) // Turns autoEscaping on
Sqrl.autoEscaping(false) // Turns autoEscaping off
// autoEscaping is on by default

Note: to avoid escaping a specific reference, you can pass it through the safe filter. Example: {{someref | safe}}

Auto-escaping can be helpful, but it also negatively impacts performance. For best results, autoEscape data before you store it or attempt to render it in a template.

PrevioussetDefaultFilters NextdefineHelper

Last updated 5 years ago