maya-chen/flask
1
0
Fork 0
forked from orbit-oss/flask
Code Pull requests Activity

Add .svg to select_jinja_autoescape (#4840)

Browse source 
As SVG files are a type of XML file and are similar in nearly 
all aspects to XML, .svg should also be autoescaped.
This commit is contained in:
Jonah Lawrence 2022-10-30 08:55:51 -06:00 committed by GitHub
parent 3dc6db9d0c
commit cc66213e57
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 8 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
src/flask/app.py
View file

@ -961,11 +961,14 @@ class Flask(Scaffold):
"""Returns ``True`` if autoescaping should be active for the given
template name. If no template name is given, returns `True`.
.. versionchanged:: 2.2
Autoescaping is now enabled by default for ``.svg`` files.
.. versionadded:: 0.5
"""
if filename is None:
return True
return filename.endswith((".html", ".htm", ".xml", ".xhtml"))
return filename.endswith((".html", ".htm", ".xml", ".xhtml", ".svg"))
def update_template_context(self, context: dict) -> None:
"""Update the template context with some commonly used variables.