Details

    • Type: Improvement Improvement
    • Status: Resolved
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.2.0
    • Component/s: None
    • Labels:
      None

      Description

      Several of our products are constructing html on the fly through getText and using the noAutoescape print directive on the result of the function. While having html in our i18n format messages is not an idea situation providing a 'safer' way to do it would improve the situation.

      The getTextAsHtml soy function will escape the value arguments to the getText call and return the result (of the call) as SanitizedContent.ContentKind.HTML (sanitized html content).

        Activity

        There are no comments yet on this issue.

          People

          • Assignee:
            David Black
            Reporter:
            David Black
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Who's Looking?