ventojs / vento

🌬 A template engine for Deno & Node
https://vento.js.org/
MIT License

Add "safe" filter à la Nunjucks #20

dz4k closed 10 months ago

dz4k commented 10 months ago

Per Discord discussion:

dz4k — Yesterday at 10:51 PM
@Óscar there should be a filter like trustHtml that simply marks text as trusted without transforming it, and the docs should be updated to recommend that when autoescaping is used. Happy to PR

Óscar — Yesterday at 11:00 PM
I see.

Ok, maybe safe, like Nunjucks.

Note: I never liked the safe name but it might be better to keep it for familiarity.

oscarotero commented 10 months ago

Hi @dz4k. Looks like there are some conflicts due to the latest changes in the documentation. Can you fix them? I also left a couple of suggestions to simplify your changes. Let me know if you have any questions. Thanks!

dz4k commented 10 months ago

@oscarotero just got around to making those changes. Any final verdict on the filter name? maybe noescape or trust, or stick with safe?

BTW:

> because you may want to escape non-HTML code.

It would be cool if the autoescape filter accepted an escaping function, so we could use Vento for templating other kinds of files without causing syntax errors -- maybe a future feature

oscarotero commented 10 months ago

> Any final verdict on the filter name? maybe noescape or trust, or stick with safe?

noescape is confusing because you can combine it with the escape filter: {{ string | escape | noescape }}.

If you don't like safe, I'm okay with trust (it's also short). Let me know if you want to change it and when I can merge this.

> It would be cool if the autoescape filter accepted an escaping function,

Maybe this function can be configurable in the options:

const env = vento({
    autoescape: true, // use the default function
});

const env = vento({
    autoescape: (string) => string, // use a custom function
});

dz4k commented 10 months ago

safe is fine, feel free to merge

oscarotero commented 10 months ago

Great. Thanks!
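
The two ideas discussed in this thread, a `safe` filter that marks text as trusted without transforming it and an `autoescape` option that accepts a custom escaping function, can be modelled in a few lines. This is an added example, not part of the thread and not Vento's implementation; `SafeString`, `escapeHtml`, `makeRenderer` and `output` are hypothetical names.

```javascript
// Added illustration. SafeString, escapeHtml and makeRenderer are hypothetical
// names for this sketch, not Vento's API.
class SafeString {
  constructor(value) { this.value = String(value); }
  toString() { return this.value; }
}

const HTML_ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// autoescape: false (off), true (default HTML escaper), or a custom function.
function makeRenderer({ autoescape = false } = {}) {
  const escapeFn = autoescape === true ? escapeHtml
    : typeof autoescape === "function" ? autoescape : null;
  const filters = {
    // Escapes once and marks the result so the auto-escaper leaves it alone.
    escape: (v) => (v instanceof SafeString ? v : new SafeString(escapeHtml(v))),
    // Marks the value as trusted without transforming it.
    safe: (v) => new SafeString(v),
  };
  // output(value, "f1", "f2") models {{ value | f1 | f2 }}.
  function output(value, ...names) {
    let result = value;
    for (const name of names) {
      if (!Object.prototype.hasOwnProperty.call(filters, name)) {
        throw new Error(`unknown filter: ${name}`);
      }
      result = filters[name](result);
    }
    if (result instanceof SafeString) return result.value;
    return escapeFn ? escapeFn(result) : String(result);
  }
  return { output };
}

// Constructed sample input standing in for user-supplied text.
const untrusted = '<script>alert("x")</script>';
const html = makeRenderer({ autoescape: true });
console.log(html.output(untrusted));                   // escaped by default
console.log(html.output("<em>reviewed</em>", "safe")); // passed through as-is
console.log(html.output(untrusted, "escape", "safe")); // escaped exactly once

// Custom escaper for a non-HTML target: here, a JSON string literal.
const json = makeRenderer({ autoescape: (v) => JSON.stringify(String(v)) });
console.log(json.output('say "hi"'));
```

In this model `safe` switches escaping off for the value it is applied to, so it belongs only on markup the application produced or sanitized itself.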