askama v0.5.0 Release Notes
Release Date: 2017-09-07 // over 6 years ago-
Discussing the 0.4.0 release made me think I should quickly make one further change: inferring the escape mode from the template
path, or a specified extension if you're using thesourceattribute. This means escaping is now only on by default for templates with ahtml,htm, orxmlextension. In addition, this release escapes more characters, according to the OWASP recommendations.⬆️ If you spent time making changes for the 0.4.0 upgrade already, sorry about the churn! I believe this minimizes boilerplate and hopefully doesn't introduce too much magic.