From: Fabien Potencier Date: Wed, 25 Apr 2012 16:22:04 +0000 (+0200) Subject: made the autoescape tag argument optional (defaults to 'html') X-Git-Url: http://git.silmor.de/gitweb/?a=commitdiff_plain;h=75d97b4a275b90956df554fd7d8d7bc6e3d4ae73;p=web%2Fkonrad%2Ftwig.git made the autoescape tag argument optional (defaults to 'html') --- diff --git a/CHANGELOG b/CHANGELOG index e71fb2d..7e78ecc 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,6 +1,6 @@ * 1.8.0 (2012-XX-XX) - * simplified usage of the autoescape tag; the only argument is now the escaping strategy or false (with a BC layer) + * simplified usage of the autoescape tag; the only (optional) argument is now the escaping strategy or false (with a BC layer) * added a way to dynamically change the auto-escaping strategy according to the template "filename" * changed the autoescape option to also accept a supported escaping strategy (for BC, true is equivalent to html) * added an embed tag diff --git a/doc/api.rst b/doc/api.rst index fc7b0d6..eef76ff 100644 --- a/doc/api.rst +++ b/doc/api.rst @@ -327,11 +327,13 @@ the ``raw`` filter: {{ article.to_html|raw }} -You can also change the escaping mode locally by using the ``autoescape`` tag: +You can also change the escaping mode locally by using the ``autoescape`` tag +(see the :doc:`autoescape<../tags/autoescape>` doc for the syntax used before +Twig 1.8): .. code-block:: jinja - {% autoescape true %} + {% autoescape 'html' %} {{ var }} {{ var|raw }} {# var won't be escaped #} {{ var|escape }} {# var won't be double-escaped #} diff --git a/doc/tags/autoescape.rst b/doc/tags/autoescape.rst index dd7a463..c5ff0c2 100644 --- a/doc/tags/autoescape.rst +++ b/doc/tags/autoescape.rst @@ -6,34 +6,54 @@ template to be escaped or not by using the ``autoescape`` tag: .. code-block:: jinja - {% autoescape true %} {# as of Twig 1.8, this is equivalent to {% autoescape 'html' %} #} + {# The following syntax works as of Twig 1.8 -- see the note below for previous versions #} + + {% autoescape %} Everything will be automatically escaped in this block using the HTML strategy {% endautoescape %} - {% autoescape false %} - Everything will be outputted as is in this block - {% endautoescape %} - - {# deprecated as of Twig 1.8 #} - {% autoescape true js %} + {% autoescape 'html' %} Everything will be automatically escaped in this block - using the js escaping strategy + using the HTML strategy {% endautoescape %} - {# as of Twig 1.8 #} {% autoescape 'js' %} Everything will be automatically escaped in this block using the js escaping strategy {% endautoescape %} + {% autoescape false %} + Everything will be outputted as is in this block + {% endautoescape %} + +.. note:: + + Before Twig 1.8, the syntax was different: + + .. code-block:: jinja + + {% autoescape true %} + Everything will be automatically escaped in this block + using the HTML strategy + {% endautoescape %} + + {% autoescape false %} + Everything will be outputted as is in this block + {% endautoescape %} + + {% autoescape true js %} + Everything will be automatically escaped in this block + using the js escaping strategy + {% endautoescape %} + When automatic escaping is enabled everything is escaped by default except for values explicitly marked as safe. Those can be marked in the template by using the :doc:`raw<../filters/raw>` filter: .. code-block:: jinja - {% autoescape true %} + {% autoescape %} {{ safe_value|raw }} {% endautoescape %} diff --git a/lib/Twig/TokenParser/AutoEscape.php b/lib/Twig/TokenParser/AutoEscape.php index 5532dca..0040845 100644 --- a/lib/Twig/TokenParser/AutoEscape.php +++ b/lib/Twig/TokenParser/AutoEscape.php @@ -39,24 +39,29 @@ class Twig_TokenParser_AutoEscape extends Twig_TokenParser public function parse(Twig_Token $token) { $lineno = $token->getLine(); - $expr = $this->parser->getExpressionParser()->parseExpression(); - if (!$expr instanceof Twig_Node_Expression_Constant) { - throw new Twig_Error_Syntax('An escaping strategy must be a string or a Boolean.', $lineno); - } - $value = $expr->getAttribute('value'); - - $compat = true === $value || false === $value; - if (true === $value) { + if ($this->parser->getStream()->test(Twig_Token::BLOCK_END_TYPE)) { $value = 'html'; - } + } else { + $expr = $this->parser->getExpressionParser()->parseExpression(); + if (!$expr instanceof Twig_Node_Expression_Constant) { + throw new Twig_Error_Syntax('An escaping strategy must be a string or a Boolean.', $lineno); + } + $value = $expr->getAttribute('value'); - if ($compat && $this->parser->getStream()->test(Twig_Token::NAME_TYPE)) { - if (false === $value) { - throw new Twig_Error_Syntax('Unexpected escaping strategy as you set autoescaping to false.', $lineno); + $compat = true === $value || false === $value; + + if (true === $value) { + $value = 'html'; } - $value = $this->parser->getStream()->next()->getValue(); + if ($compat && $this->parser->getStream()->test(Twig_Token::NAME_TYPE)) { + if (false === $value) { + throw new Twig_Error_Syntax('Unexpected escaping strategy as you set autoescaping to false.', $lineno); + } + + $value = $this->parser->getStream()->next()->getValue(); + } } $this->parser->getStream()->expect(Twig_Token::BLOCK_END_TYPE); diff --git a/test/Twig/Tests/Fixtures/tags/autoescape/basic.test b/test/Twig/Tests/Fixtures/tags/autoescape/basic.test index 3bb7017..2f6a3e1 100644 --- a/test/Twig/Tests/Fixtures/tags/autoescape/basic.test +++ b/test/Twig/Tests/Fixtures/tags/autoescape/basic.test @@ -1,6 +1,9 @@ --TEST-- "autoescape" tag applies escaping on its children --TEMPLATE-- +{% autoescape %} +{{ var }}
+{% endautoescape %} {% autoescape 'html' %} {{ var }}
{% endautoescape %} @@ -17,6 +20,7 @@ return array('var' => '
') --EXPECT-- <br />
+<br />


<br />