We use HTML::Template in conjunction with an Angular app and would like to escape { when using html escaping to prevent attacks of this sort. To do this, we had to fork HTML::Template. It would be nice if the escaping was customizable, either by allowing the user to pass their own mapping or allowing the user to pass callbacks to use instead of the default escaping code.
We use
HTML::Templatein conjunction with an Angular app and would like to escape{when usinghtmlescaping to prevent attacks of this sort. To do this, we had to forkHTML::Template. It would be nice if the escaping was customizable, either by allowing the user to pass their own mapping or allowing the user to pass callbacks to use instead of the default escaping code.