I have a Django template tag that looks like this:
from django import template
from django.utils.safestring import mark_for_escaping
register = template.Library()
@register.simple_tag(takes_context=True)
def hello_world(context):
return mark_for_escaping("Hello, <world>!")
But when it's used in templates the output isn't being escaped.
What's going on? Is the output of template tags always assumed to be safe?