added the autoescape option to enable/disable autoescaping

diff --git a/CHANGELOG b/CHANGELOG
index e982534..fe2e680 100644 (file)
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -8,6 +8,7 @@ Backward incompatibilities:
 
 Changes:
 
+ * added the autoescape option to enable/disable autoescaping
  * removed the newline after a comment (mimicks PHP behavior)
  * added a syntax error exception when parent block is used on a template that does not extend another one
  * made the Escaper and Optimizer extensions enabled by default

diff --git a/doc/03-Twig-for-Developers.markdown b/doc/03-Twig-for-Developers.markdown
index b0f3e34..377088e 100644 (file)
--- a/doc/03-Twig-for-Developers.markdown
+++ b/doc/03-Twig-for-Developers.markdown
@@ -95,6 +95,9 @@ The following options are available:
    do not exist) and replace them with a `null` value. When set to `true`,
    Twig throws an exception instead (default to `false`).
 
+ * `autoescape` (new in Twig 0.9.10): If set to `true`, auto-escaping will be
+   enabled by default for all templates (default to `true`).
+
 >**CAUTION**
 >Before Twig 0.9.3, the `cache` and `auto_reload` options did not exist. They
 >were passed as a second and third arguments of the filesystem loader

diff --git a/lib/Twig/Environment.php b/lib/Twig/Environment.php
index a56c935..e7a80ed 100644 (file)
--- a/lib/Twig/Environment.php
+++ b/lib/Twig/Environment.php
@@ -57,6 +57,8 @@ class Twig_Environment
      *  * strict_variables: Whether to ignore invalid variables in templates
      *                      (default to false).
      *
+     *  * autoescape: Whether to enable auto-escaping (default to true).
+     *
      * @param Twig_LoaderInterface   $loader  A Twig_LoaderInterface instance
      * @param array                  $options An array of options
      * @param Twig_LexerInterface    $lexer   A Twig_LexerInterface instance
@@ -81,18 +83,28 @@ class Twig_Environment
             $this->setCompiler($compiler);
         }
 
-        $this->debug              = isset($options['debug']) ? (bool) $options['debug'] : false;
-        $this->charset            = isset($options['charset']) ? $options['charset'] : 'UTF-8';
-        $this->baseTemplateClass  = isset($options['base_template_class']) ? $options['base_template_class'] : 'Twig_Template';
-        $this->autoReload         = isset($options['auto_reload']) ? (bool) $options['auto_reload'] : $this->debug;
+        $options = array_replace(array(
+            'debug'               => false,
+            'charset'             => 'UTF-8',
+            'base_template_class' => 'Twig_Template',
+            'strict_variables'    => false,
+            'autoescape'          => true,
+            'cache'               => false,
+            'auto_reload'         => null,
+        ), $options);
+
+        $this->debug              = (bool) $options['debug'];
+        $this->charset            = $options['charset'];
+        $this->baseTemplateClass  = $options['base_template_class'];
+        $this->autoReload         = null === $options['auto_reload'] ? $this->debug : (bool) $options['auto_reload'];
         $this->extensions         = array(
             'core'      => new Twig_Extension_Core(),
-            'escaper'   => new Twig_Extension_Escaper(),
+            'escaper'   => new Twig_Extension_Escaper(array('autoescape' => (bool) $options['autoescape'])),
             'optimizer' => new Twig_Extension_Optimizer(),
         );
-        $this->strictVariables    = isset($options['strict_variables']) ? (bool) $options['strict_variables'] : false;
+        $this->strictVariables    = (bool) $options['strict_variables'];
         $this->runtimeInitialized = false;
-        if (isset($options['cache']) && $options['cache']) {
+        if ($options['cache']) {
             $this->setCache($options['cache']);
         }
     }

diff --git a/lib/Twig/NodeVisitor/Escaper.php b/lib/Twig/NodeVisitor/Escaper.php
index 8f0cc14..eccf57b 100644 (file)
--- a/lib/Twig/NodeVisitor/Escaper.php
+++ b/lib/Twig/NodeVisitor/Escaper.php
@@ -81,6 +81,10 @@ class Twig_NodeVisitor_Escaper implements Twig_NodeVisitorInterface
         $expression = $node->getNode('expr');
 
         if ($this->isSafeFor($type, $expression, $env)) {
+            if ($expression instanceof Twig_Node_Expression_Filter && 'raw' == $expression->getNode('filter')->getAttribute('value')) {
+                $node->setNode('expr', $expression->getNode('node'));
+            }
+
             return $node;
         }