Is there a way how I can (without modifying the sources of mustache) disable the HTML escaping? I’m using mustache for other things and dont want to have the following entities escaped.
var entityMap = { "&": "&", "<": "<", ">": ">", '"': '"', "'": ''', "/": '/' };
Given a template like foo '{{bar}}'
and a view { bar : 1 }
will produce foo '1'
.
Advertisement
Answer
It’s actually pretty simple. Mustache offers the possibility to override the escape
function. This allows you to disable the escaping by simply returning the original value.
mustache.escape = function (value) { return value; };
As mentioned by others, you can also use the following notation to disable escaping.
{{{ test }}}
I leave the answer unchanged, since it might be helpful to implement your own sanitizing.