liquid icon indicating copy to clipboard operation
liquid copied to clipboard
verified publisher icon Shopify

escape all outputted variables by default

Open emattias opened this issue 5 years ago • 1 comments

Would it be possible to configure liquid to make escaping opt out instead of opt in with the escape filter?

We have had problems with escaping being missed when implementing. If it escapes everything by default its harder to miss and you make an active choice to not escape potentially risky outputs.

React for example escape all output by default

emattias avatar Apr 06 '20 10:04 emattias

did you find any solution to this? would be great if the linked PR got merged

mastermoo avatar Mar 14 '24 16:03 mastermoo