Ad

Weird Laravel Blade Rendering With @ Escape Character

- 1 answer

I'm using @ escape character so that Blade allow me write some JS template. But I ended up with some unexpected behaviors.

@{{ a }} Outputs: {{ a }} 
@{{ {{ a }} }} Outputs: {{ {{ a }} }}
@{{ {{ a }} {{ b }} }} undefined constant b
@{{ @{{ a }} @{{ b }} }} Outputs: {{ @{{ a }} {{ b }} }}
@{{ {{ a }} @{{ b }} }} Outputs: {{ {{ a }} {{ b }} }}

By the way I wish there was some kind of directive in Laravel Blade, so that we can put any type of text in that and be sure it'll be intact in the output?

@intact

do {{ what }} ever you want!
@if we were not in @intact block,
there would be plenty of exceptions... {{{

@endintact
Ad

Answer

If you do not want your data to be escaped, you may use the following syntax:

Hello, {!! $name !!}.

Be very careful when echoing content that is supplied by users of your application. Always use the escaped, double curly brace syntax to prevent XSS attacks when displaying user supplied data.

You may wrap the HTML in the @verbatim directive if you are displaying JavaScript variables in a large portion of your template:

@verbatim
    <div class="container">
        Hello, {{ name }}.
    </div>
@endverbatim

See 'Displaying Unescaped Data' and 'The @verbatim Directive' sections on the blade docs for more info.

Ad
source: stackoverflow.com
Ad