I am trying to output a variable from F3 which contains HTML.
$message = "<p>Hello, <b>World</b></p>"
I am outputting it as follows:
<div class="container">
{{ @message }}
</div>
The problem is it displays exactly like so:
"<p>Hello, <b>World</b></p>"
Instead of just:
Hello, World
Another solution is to disable the automatic HTML escaping.
$f3 = Base::instance();
$f3->set('ESCAPE', false);
The rendered template will look like the following:
<div class="container">
<p>Hello, <b>World</b></p>
</div>
Now it's necessary to escape untrusted data with the esc macro. Example:
{{ @message | esc }}
See also: