Martin Auswöger

Another case where the green box causes more confusion than it helps IMO: https://community.contao.org/de/showthread.php?84936

If we want to do this, we need to use a prefix I think. Like `widget--name-X` or just `widget--X` where `X` is the name of the field, otherwise this would...

Can confirm. The error reads `Uncaught (in promise) TypeError: e.form is null` in my test. We should probably not output the captcha javascript in the backend.

Several image methods are not yet implemented in this library: `paste()`, `rotate()`, `flipHorizontally()`, `flipVertically()`, `draw()`, `applyMask()`, `fill()`, `mask()`, `histogram()`, `getColorAt()`, `layers()`, `interlace()`, `profile()`. So for `flipHorizontally()` and `flipVertically()` to work...

As discussed today we want to use something like `|e('html', double_encode = true)` additionaly to make the double encoding explicit.

Recap: `{{ foo|json_encode }}` as well as `{{ foo|e('html', double_encode = true) }}` will now get double encoded. We probably need to document this somewhere? /cc @fritzmg

> why do we need to double encode `{{ foo|json_encode }}`? See https://github.com/contao/docs/pull/1478

I tried a different approach now in 8ee868dc9a06d3ec9c50c0b4de6b69e61c314f5f this also fixes https://github.com/contao/contao/issues/7748 The new approach: If the string has one of the characters `"'` inside it, it is considered “unencoded”...

> or should we automatically filter any `` At first I thought that this might be feasible, but filtering `` alone would not be enough as all `` (and similar)...

We already discussed this in https://github.com/contao/contao/issues/1933#issuecomment-666387151 If we want to change course here, I’d use a script similar to the one metioned in https://github.com/whatwg/html/issues/5312