diff options
| author | Natalia <124304+nessita@users.noreply.github.com> | 2023-05-24 13:59:56 -0300 |
|---|---|---|
| committer | Mariusz Felisiak <felisiak.mariusz@gmail.com> | 2023-05-26 06:26:38 +0200 |
| commit | 881cc139e2d53cc1d3ccea7f38faa960f9e56597 (patch) | |
| tree | 4fab1c894d9b1b71b586a04b871758793c2e9019 /docs | |
| parent | 1a59a324cec5caf12ea0c4947564828aa7bda02a (diff) | |
Refs #34574, Refs #34577 -- Mentioned escapeseq filter in escape/autoescape docs.
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/ref/templates/builtins.txt | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/docs/ref/templates/builtins.txt b/docs/ref/templates/builtins.txt index d818e47000..9a9778f0ca 100644 --- a/docs/ref/templates/builtins.txt +++ b/docs/ref/templates/builtins.txt @@ -56,6 +56,15 @@ is because the filter chaining sequence executes first :tfilter:`join` on fed to :tfilter:`escape` filter, which does not apply a second round of escaping. +In order to properly escape every element in a sequence, use the +:tfilter:`escapeseq` filter: + +.. code-block:: html+django + + {% autoescape off %} + {{ my_list|escapeseq|join:", " }} + {% endautoescape %} + .. templatetag:: block ``block`` @@ -1859,7 +1868,9 @@ For example, you can apply ``escape`` to fields when :ttag:`autoescape` is off: In such cases, chaining ``escape`` would not reescape strings that have already been marked as safe. -To escape each element of a sequence, use the :tfilter:`escapeseq` filter. + This is especially important when using filters that operate on sequences, + for example :tfilter:`join`. If you need to escape each element in a + sequence, use the dedicated :tfilter:`escapeseq` filter. .. templatefilter:: escapejs |
