Skip to content

Commit

Permalink
Merge pull request #1090 from TheDancingCode/forceescape
Browse files Browse the repository at this point in the history
Add "forceescape" filter
  • Loading branch information
fdintino authored Mar 23, 2018
2 parents de49d33 + f478b06 commit 1b4558d
Show file tree
Hide file tree
Showing 4 changed files with 18 additions and 0 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
Changelog
=========

* Add `forceescape` filter. Fixes [#782](https://github.com/mozilla/nunjucks/issues/782)

3.1.2 (Feb 23 2018)
-------------------
Expand Down
4 changes: 4 additions & 0 deletions docs/templating.md
Original file line number Diff line number Diff line change
Expand Up @@ -1124,6 +1124,10 @@ This default can be overridden by using the first parameter.
3.5
```

### forceescape

Enforce HTML escaping. This will probably double escape variables.

### groupby

Group a sequence of objects by a common attribute:
Expand Down
7 changes: 7 additions & 0 deletions nunjucks/src/filters.js
Original file line number Diff line number Diff line change
Expand Up @@ -156,6 +156,13 @@ function first(arr) {

exports.first = first;

function forceescape(str) {
str = (str === null || str === undefined) ? '' : str;
return r.markSafe(lib.escape(str.toString()));
}

exports.forceescape = forceescape;

function groupby(arr, attr) {
return lib.groupBy(arr, attr);
}
Expand Down
6 changes: 6 additions & 0 deletions tests/filters.js
Original file line number Diff line number Diff line change
Expand Up @@ -228,6 +228,12 @@
equal('{{ "0" | float }}', '0');
});

it('forceescape', function(done) {
equal('{{ str | forceescape }}', { str: r.markSafe('<html>')}, '&lt;html&gt;');
equal('{{ "<html>" | safe | forceescape }}', '&lt;html&gt;');
finish(done);
});

it('int', function() {
equal('{{ "3.5" | int }}', '3');
equal('{{ "0" | int }}', '0');
Expand Down

0 comments on commit 1b4558d

Please sign in to comment.