How can I prevent Mojolicious from character-escaping stash data?

About

Asked 28/3, 2013 at 12:55 Answered 28/3, 2013 at 13:15

I am trying to send HTML to a template in Mojolicious and am finding that the html is getting replaced with safe strings somewhere along the way.

$self->stash(portalHeaderHtml => "<html>");

Becomes

 &lt;html&gt;

In the source

The template:

<%= $portalHeaderHtml %>

How do I tell it to display HTML and not replace tags?

Exacerbate answered 28/3, 2013 at 12:55 Comment(0)

Mojolicious::Guides::Rendering suggests using == to disable escaping of characters.

An additional equal sign can be used to disable escaping of the characters <, >, &, ' and " in results from Perl expressions, which is the default to prevent XSS attacks against your application.
<%== '<p>test</p>' %>

Proceed with caution.

Comedian answered 28/3, 2013 at 13:15 Comment(2)

Thank you! I could not find that. – Exacerbate 28/3, 2013 at 13:24

Thank you so much, I searched for this for one hour and HTML::Entities wasn't helpful since it was re-escaped anyway. – Iloilo 30/5, 2020 at 17:42

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags