I’ve finally found some time (thanks to the xmas break) to have a crack at a ‘safe’ Mustache implementation in Ruby. By this, I mean an implementation that allows for templates to be edited by end users without fear of jeopardising an app’s security. This is useful in many situations, for example in a CMS or to allow users to customise email responses etc.
In order to gain a full understanding of how Mustache works internally, I decided to first write a full Mustache implementation from the ground up. Once this was done, I looked at ways to implement ‘safe views’ using Liquid as inspiration.
Happy New Year!