maya-chen/flask
1
0
Fork 0
forked from orbit-oss/flask
Code Pull requests Activity

Add .svg to select_jinja_autoescape (#4840)

Browse source 
As SVG files are a type of XML file and are similar in nearly 
all aspects to XML, .svg should also be autoescaped.
This commit is contained in:
Jonah Lawrence 2022-10-30 08:55:51 -06:00 committed by GitHub
parent 3dc6db9d0c
commit cc66213e57
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 8 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docs/templating.rst
View file

@ -18,7 +18,7 @@ Jinja Setup
Unless customized, Jinja2 is configured by Flask as follows:
- autoescaping is enabled for all templates ending in ``.html``,
``.htm``, ``.xml`` as well as ``.xhtml`` when using
``.htm``, ``.xml``, ``.xhtml``, as well as ``.svg`` when using
:func:`~flask.templating.render_template`.
- autoescaping is enabled for all strings when using
:func:`~flask.templating.render_template_string`.