Gecko [ www.finalhopeacademy.com ]

Name	Size	Permission
abs.rst	247 B	-rw-r--r--
batch.rst	1013 B	-rw-r--r--
capitalize.rst	233 B	-rw-r--r--
convert_encoding.rst	634 B	-rw-r--r--
date.rst	2.53 KB	-rw-r--r--
date_modify.rst	547 B	-rw-r--r--
default.rst	858 B	-rw-r--r--
escape.rst	3.09 KB	-rw-r--r--
first.rst	443 B	-rw-r--r--
format.rst	392 B	-rw-r--r--
index.rst	402 B	-rw-r--r--
join.rst	429 B	-rw-r--r--
json_encode.rst	485 B	-rw-r--r--
keys.rst	219 B	-rw-r--r--
last.rst	436 B	-rw-r--r--
length.rst	584 B	-rw-r--r--
lower.rst	152 B	-rw-r--r--
merge.rst	1.33 KB	-rw-r--r--
nl2br.rst	358 B	-rw-r--r--
number_format.rst	1.13 KB	-rw-r--r--
raw.rst	1.18 KB	-rw-r--r--
replace.rst	420 B	-rw-r--r--
reverse.rst	989 B	-rw-r--r--
round.rst	784 B	-rw-r--r--
slice.rst	2.07 KB	-rw-r--r--
sort.rst	344 B	-rw-r--r--
split.rst	1.31 KB	-rw-r--r--
striptags.rst	594 B	-rw-r--r--
title.rst	255 B	-rw-r--r--
trim.rst	873 B	-rw-r--r--
upper.rst	152 B	-rw-r--r--
url_encode.rst	527 B	-rw-r--r--

Code Editor : escape.rst

``escape``
==========

The ``escape`` filter escapes a string for safe insertion into the final
output. It supports different escaping strategies depending on the template
context.

By default, it uses the HTML escaping strategy:

.. code-block:: jinja

For convenience, the ``e`` filter is defined as an alias:

.. code-block:: jinja

The ``escape`` filter can also be used in other contexts than HTML thanks to
an optional argument which defines the escaping strategy to use:

.. code-block:: jinja

{{ user.username|e }}
    {# is equivalent to #}
    {{ user.username|e('html') }}

And here is how to escape variables included in JavaScript code:

.. code-block:: jinja

The ``escape`` filter supports the following escaping strategies:

* ``html``: escapes a string for the **HTML body** context.

* ``js``: escapes a string for the **JavaScript context**.

* ``css``: escapes a string for the **CSS context**. CSS escaping can be
  applied to any string being inserted into CSS and escapes everything except
  alphanumerics.

* ``url``: escapes a string for the **URI or parameter contexts**. This should
  not be used to escape an entire URI; only a subcomponent being inserted.

* ``html_attr``: escapes a string for the **HTML attribute** context.

.. note::

Internally, ``escape`` uses the PHP native `htmlspecialchars`_ function
    for the HTML escaping strategy.

.. caution::

When using automatic escaping, Twig tries to not double-escape a variable
    when the automatic escaping strategy is the same as the one applied by the
    escape filter; but that does not work when using a variable as the
    escaping strategy:

.. code-block:: jinja

{% set strategy = 'html' %}

{% autoescape 'html' %}
            {{ var|escape('html') }}   {# won't be double-escaped #}
            {{ var|escape(strategy) }} {# will be double-escaped #}
        {% endautoescape %}

When using a variable as the escaping strategy, you should disable
    automatic escaping:

.. code-block:: jinja

{% set strategy = 'html' %}

{% autoescape 'html' %}
            {{ var|escape(strategy)|raw }} {# won't be double-escaped #}
        {% endautoescape %}

Custom Escapers
---------------

You can define custom escapers by calling the ``setEscaper()`` method on the
``core`` extension instance. The first argument is the escaper name (to be
used in the ``escape`` call) and the second one must be a valid PHP callable:

.. code-block:: php

$twig = new Twig_Environment($loader);
    $twig->getExtension('Twig_Extension_Core')->setEscaper('csv', 'csv_escaper');

When called by Twig, the callable receives the Twig environment instance, the
string to escape, and the charset.

.. note::

Built-in escapers cannot be overridden mainly they should be considered as
    the final implementation and also for better performance.

Arguments
---------

* ``strategy``: The escaping strategy
* ``charset``:  The string charset

.. _`htmlspecialchars`: http://php.net/htmlspecialchars

${this.title}

Code Editor : escape.rst