GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  TEMPLATE::STASH::AUTOESCAPE (3)

.ds Aq ’

NAME

Template::Stash::AutoEscape - escape automatically in Template-Toolkit.

CONTENTS

SYNOPSIS



  use Template;
  use Template::Stash::AutoEscape;
  my $tt = Template->new({
    STASH => Template::Stash::AutoEscape->new 
  });



METHODS

    new

escape_type default is HTML
method_for_raw default is raw, you can get not escaped value from [% value.raw %]
escape_method


  my $tt = Template->new({
    STASH => Template::Stash::AutoEscape->new({
        escape_method => sub { my $text = shift; ... ; return $text }
    })
  });



ignore_escape


  my $stash = Template::Stash::AutoEscape->new({ignore_escape => [qw(include_html include_raw my_escape_func)], ... );

  You can disable auto-escape for some value or TT-Macro.
  For example: include other component, for output safety html, using other escape method, etc.



    class_for



    Template::Stash::AutoEscape->class_for("HTML") # Template::Stash::AutoEscape::Escaped::HTML
    Template::Stash::AutoEscape->class_for("HTML" => "MyHTMLString");



DESCRIPTION

Template::Stash::AutoEscape is a sub class of Template::Stash, automatically escape all HTML strings and avoid XSS vulnerability.

CONFIGURE

$Template::Stash::AutoEscape::ESCAPE_ARGS


 default is 0. for example "key of hash" or "args of vmethods" are not escaped. I think this is good in most cases.
 [% hash.${key} %] [% hash.item(key) %] means [% hash.${key.raw} | html %] [% hash.item(key.raw) | html %] by default.



AUTHOR

mala <cpan@ma.la>

SEE ALSO

Template, Template::Stash::EscapedHTML

LICENSE

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

POD ERRORS

Hey! <B>The above document had some coding errors, which are explained below:B>
Around line 218: You forgot a ’=back’ before ’=head1’
Search for    or go to Top of page |  Section 3 |  Main Index


perl v5.20.3 TEMPLATE::STASH::AUTOESCAPE (3) 2010-09-13

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.