Introduction
When returning HTML (the default response type in Flask), any user-provided values rendered in the output must be escaped to protect from injection attacks. In this lab, you will learn how to use escape
for achieving this. Also HTML templates rendered with Jinja, introduced later, will do this automatically. For now, you can just use escape
to do this manually.