Skip to content
Advertisement

Mustache: Globally disable html escaping?

Is there a way how I can (without modifying the sources of mustache) disable the HTML escaping? I’m using mustache for other things and dont want to have the following entities escaped.

var entityMap = {
  "&": "&",
  "<": "&lt;",
  ">": "&gt;",
  '"': '&quot;',
  "'": ''',
  "/": '/'
};

Given a template like foo '{{bar}}' and a view { bar : 1 }will produce foo '1&#39.

Advertisement

Answer

It’s actually pretty simple. Mustache offers the possibility to override the escape function. This allows you to disable the escaping by simply returning the original value.

mustache.escape = function (value)
{
    return value;
};

As mentioned by others, you can also use the following notation to disable escaping.

{{{ test }}}

I leave the answer unchanged, since it might be helpful to implement your own sanitizing.

Advertisement