alexeyrybak/blitz

Fix Docs: explain blitz.auto_escape ini parameter, pseudo-filters and anti-XSS approach


Explain: (1) blitz.auto_escape (2) pseudo-filters (3) anti-XSS practices
- `{{ $html | raw }}` when `blitz.auto_escape = 1`
- `{{ $var | escape }}` when `blitz.auto_escape = 0` (0 by default!)
- `{{ $var | nl2br }}`