maya-chen/flask
1
0
Fork 0
forked from orbit-oss/flask
Code Pull requests Activity

Add .svg to select_jinja_autoescape (#4840)

Browse source 
As SVG files are a type of XML file and are similar in nearly
all aspects to XML, .svg should also be autoescaped.
This commit is contained in:
Jonah Lawrence 2022-10-30 07:55:51 -07:00 committed by David Lord
parent 631b6dd546
commit 79032ca5f1
No known key found for this signature in database
GPG key ID: 7A1C87E3F5BC42A8
3 changed files with 8 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docs/templating.rst
View file

@ -18,7 +18,7 @@ Jinja Setup
Unless customized, Jinja2 is configured by Flask as follows:
- autoescaping is enabled for all templates ending in ``.html``,
``.htm``, ``.xml`` as well as ``.xhtml`` when using
``.htm``, ``.xml``, ``.xhtml``, as well as ``.svg`` when using
:func:`~flask.templating.render_template`.
- autoescaping is enabled for all strings when using
:func:`~flask.templating.render_template_string`.