<%- %> Should mean DON'T escape HTML and <%= %> should mean escape HTML.
billmei opened this issue · 1 comments
billmei commented
This library has opposite conventions from what other libraries expect, such as the official NPM version: https://www.npmjs.com/package/ejs . This is also the convention used in Ruby's native erb
templates.
Per the Principle of Least Surprise this library should follow the conventions of the more popular libraries that already exist.
billmei commented
People who use Google to look this up will also see several responses on Stack Overflow which mention that <%= %>
is used for escaping.
Examples: