So this is a pretty large change I think, but as far as I understand the original Liquid HTML escapes everything that goes into filters by default, or something. Someone would have to check what exactly gets escaped in Liquid and do the same escaping in liquid-rust. It just states
It needs to be non evaling and secure. Liquid templates are made so that users can edit them. You don't want to run code on your server which your users wrote.
So this is a pretty large change I think, but as far as I understand the original Liquid HTML escapes everything that goes into filters by default, or something. Someone would have to check what exactly gets escaped in Liquid and do the same escaping in liquid-rust. It just states
which is pretty vague.
Could use https://github.com/skade/escapade