askama v0.5.0 Release Notes
Release Date: 2017-09-07 // over 6 years ago-
Discussing the 0.4.0 release made me think I should quickly make one further change: inferring the escape mode from the template
path
, or a specified extension if you're using thesource
attribute. This means escaping is now only on by default for templates with ahtml
,htm
, orxml
extension. In addition, this release escapes more characters, according to the OWASP recommendations.⬆️ If you spent time making changes for the 0.4.0 upgrade already, sorry about the churn! I believe this minimizes boilerplate and hopefully doesn't introduce too much magic.