Timber Best Practices: escaping

  • Resolved rwstone

    (@rwstone)


    9 years, 2 months ago

    Hi,

    1) Timber saved me! (I started a project in another CMS with Twig and had to switch it over to WP. No prob!)

    2) I’m relatively new to the nuances of WP, ACF, Twig, and Timber. I’m trying to figure out what exactly I need to escape in my Twig templates. In all the Timber docs and examples on the web, I don’t find a single output variable escaped. Is that right?

    If I get {{ post.content }}, that’s been run through WP functions, so it’s fine, right?
    But, if I get <img ... alt="{{ image.alt }}">, that can have quotes, so |e('html_attr')?
    ACF WYSIWYG fields are doomed anyway, but ACF URL fields, plain text fields, and so forth? What’s the recommended approach?

    Thanks!

    https://www.ads-software.com/plugins/timber-library/

Viewing 1 replies (of 1 total)
  • Plugin Author jarednova

    (@jarednova)

    Hi @rwstone!

    To get a field that’s been processed by ACF use {{ post.get_field('my_acf_field') }} and it will return it with the appropriate filters. From here on out, I’m switching all support over to the new StackOverflow tag:

    https://stackoverflow.com/questions/tagged/timber

    … this way it makes it easier to share answers, tips and up-vote what works (oh and Google to find it all). Thanks for using Timber!

Viewing 1 replies (of 1 total)
  • The topic ‘Timber Best Practices: escaping’ is closed to new replies.

Tags