Dear all, I would like to propose the accelerated deprecation of the fix_ampersands built-in template filter, because in all use cases, it either simply does not work, or stimulates the user to create security vulnerabilities.
In addition, I would like to deprecate django.utils.html.clean_html. This is the only code in Django that uses fix_ampersands, and it's use is rather unclear. This function is not documented. I have written a more extensive rationale on the ticket created for this: https://code.djangoproject.com/ticket/22130 Are there any concerns or suggestions? cheers, Erik -- You received this message because you are subscribed to the Google Groups "Django developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/C8ED78A5-2486-411F-AA93-4D147F5C6169%40solidlinks.nl. For more options, visit https://groups.google.com/groups/opt_out.
