use |xssafe if you're interpolating strings

Conflicts:

	apps/amo/helpers.py
commit 568edee9222a2fec29b1705c134dffbb8419e04f 1 parent 8f94808
@kumar303 kumar303 authored
Showing with 11 additions and 0 deletions.
  1. +11 −0 apps/amo/helpers.py
11 apps/amo/helpers.py
@@ -31,6 +31,17 @@
register.function(utils.randslice)
+@register.filter
+def xssafe(value):
+ """
+ Like |safe but for strings with interpolation.
+
+ By using |xssafe you assert that you have written tests proving an
+ XSS can't happen here.
+ """
+ return jinja2.Markup(value)
+
+
@register.function
def locale_url(url):
"""Take a URL and give it the locale prefix."""
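Review bot: `return jinja2.Markup(value)` in `xssafe` marks the entire string as safe without escaping any part of it, so the filter does the same thing as |safe and the docstring's "you assert that you have written tests" is the only safeguard. If the string was built by interpolating variables before it reaches the filter, any markup in those variables is passed through unescaped. Consider letting the filter take the format string and its arguments separately and interpolating through Markup itself (`jinja2.Markup(fmt) % args` escapes the arguments), or at minimum state in the docstring that every interpolated value must already be escaped before the string reaches |xssafe.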