Closed schungx closed 3 months ago
Right now, if I use linebreaksbr, I have to pair it with the safe filter...
linebreaksbr
safe
However, that opens me up to injection attacks, as the text itself may contain HTML tags and/or scripts etc...
There is no html_encode filter, otherwise I can simply do:
html_encode
{{ value | html_encode | linebreaksbr | safe }}
There is the escape filter. Sorry.
escape
Right now, if I use
linebreaksbr
, I have to pair it with thesafe
filter...However, that opens me up to injection attacks, as the text itself may contain HTML tags and/or scripts etc...
There is no
html_encode
filter, otherwise I can simply do: