| Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
|
|
Signed-off-by: max <gmx.sht@gmail.com>
|
|
Signed-off-by: max <gmx.sht@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
Signed-off-by: max <gmx.sht@gmail.com>
|
|
|
|
|
|
This change
* allows using empty arrays `[]` in expessions,
* adds a cut when the leading `[` was encountered, and
* fixes the interaction between arrays and boolean OR.
IMO the restriction that you couldn't use empty arrays is not needed.
The missing cut made error messages slictly worse if you forget to add
the closing `]`.
Filter expressions must not have white spaces before the pipe `|`. The
white space is used to tell a filter expressions, and `std::ops::Or`
apart.
|
|
This change:
* adds a cut when the leading `(` was encountered, and
* fixed the interaction between call expressions and boolean OR.
|
|
|
|
This commit introduces a shorthand for defining and calling macros when
using them as a reusable substitute for variables assigned complex values
(e.g. string literals with or without newline escapes). The use-case is
formatting - from my experience it's easier to visually parse a `macro`
`endmacro` block than a multiline variable assignment.
Signed-off-by: mataha <mataha@users.noreply.github.com>
|
|
|
|
|
|
Closes #786
|
|
|
|
In <https://github.com/dtolnay/trybuild/pull/219> the output of error
messages was subtly changed, because they introduced a subdirectoy in
their temp path.
This PR fixes the mismatch between the expected and the actual output.
|
|
|
|
|
|
The support for the magic `_parent` field is deprecated since v0.8.0
or issue #180. It's bothersome to keep this feature alive, when no-one
should be using it for 3 years.
|
|
Just migrated a repo from tera to askama and this was one of the only
things that was different. This is also coherent with `{% block %}` for
which I added the same feature years ago.
|
|
|
|
|
|
Previously the built-in json filter had an issue that made it unsafe to
use in HTML data. When used in HTML attributes an attacker who is able
to supply an arbitrary string that should be JSON encoded could close
the containing HTML element e.g. with `"</div>"`, and write arbitrary
HTML code afterwards as long as they use apostrophes instead of
quotation marks. The programmer could make this use case safe by
explicitly escaping the JSON result: `{{data|json|escape}}`.
In a `<script>` context the json filter was not usable at all, because
in scripts HTML escaped entities are not parsed outside of XHTML
documents. Without using the safe filter an attacker could close the
current script using `"</script>"`.
This PR fixes the problem by always escaping less-than, greater-than,
ampersand, and apostrophe characters using their JSON unicode escape
sequence `\u00xx`. Unless the programmer explicitly uses the safe
filter, quotation marks are HTML encoded as `"`. In scripts the
programmer should use the safe filter, otherwise not.
|
|
|
|
|
|
|
|
|
|
Askama understands how to destructure tuples in let and match
statements, but it does not understand how to build a tuple.
This PR fixes this shortcoming.
|
|
This change allows using the operator `?` in askama expressions. It
works like the same operator in Rust: if a `Result` is `Ok`, it is
unwrapped. If it is an error, then the `render()` method fails with this
error value.
|
|
Instead of having `Expr::VarCall`, `Expr::PathCall` and
`Expr::MethodCall`, this PR unifies the handling of calls by removing
the former three variants, and introducing `Expr::Call`.
|
|
|
|
This is relatively major change to the main trait's API. For context,
I always started from the concept of monomorphized traits, but later
several contributors asked about object safety. At that point I made
`Template` object-safe, and then even later added a `SizedTemplate`
to make some things easier for people who don't need object safety.
However, having object-safety in the primary trait is bad for
performance (a substantial number of calls into the virtual `Write`
trait is relatively slow), and I don't think those who don't need
object safety should pay for the cost of having it.
Additionally, I feel using associated consts for the extension and
size hint is more idiomatic than having accessor methods. I don't
know why I didn't use these from the start -- maybe associated
consts didn't exist yet, or I didn't yet know how/when to use them.
Askama is pretty old at this point...
|
|
|
|
|
|
|
|
|
|
|
|
This PR implements for-else statements like in Jinja. They make it easy
to print an alternative message if the loop iterator was empty. E.g.
```rs
{% for result in result %}
<li>{{ result }}</li>
{% else %}
<li><em>no results</em></li>
{% endfor %}
```
|
|
|
|
|
|
|
|
|
|
This PR adds `{% break %}` and `{% continue %}` statements to break out
of a loop, or continue with the next element of the iterator.
|
|
|